mbk-lab
/
nextcloud
2
0
Fork 0
Code Issues Pull Requests Projects Releases Wiki Activity

Use a hook to integrate sharing password verification

This commit is contained in:
Thomas Müller 2015-07-23 14:44:48 +02:00
parent 9ccf94ca06
commit ac08685234
1 changed files with 22 additions and 0 deletions
Show Stats Download Patch File Download Diff File Expand all files Collapse all files

22
lib/private/share/share.php
View File

@ -737,6 +737,7 @@ class Share extends Constants {
// Generate hash of password - same method as user passwords
if (!empty($shareWith)) {
self::verifyPassword($shareWith);
$shareWith = \OC::$server->getHasher()->hash($shareWith);
} else {
// reuse the already set password, but only if we change permissions
@ -1252,6 +1253,8 @@ class Share extends Constants {
throw new \Exception('Cannot remove password');
}
self::verifyPassword($password);
$qb = $connection->getQueryBuilder();
$qb->update('*PREFIX*share')
->set('share_with', $qb->createParameter('pass'))
@ -2604,4 +2607,23 @@ class Share extends Constants {
$result = \OC::$server->getDatabaseConnection()->executeQuery($query, [$id]);
return $result->fetchAll();
}
/**
* @param string $password
* @throws \Exception
*/
private static function verifyPassword($password) {
$accepted = true;
$message = '';
\OCP\Util::emitHook('\OC\Share', 'verifyPassword', [
'password' => $password,
'accepted' => &$accepted,
'message' => &$message
]);
if (!$accepted) {
throw new \Exception($message);
}
}
}