throw hooks when accessing a link share
This commit is contained in:
Arthur Schiwon
parent
4dfd56ee81
commit
cd68500731
|
|
@ -177,6 +177,7 @@ class ShareController extends Controller {
|
||||||
if ($this->shareManager->checkPassword($share, $password)) {
|
if ($this->shareManager->checkPassword($share, $password)) {
|
||||||
$this->session->set('public_link_authenticated', (string)$share->getId());
|
$this->session->set('public_link_authenticated', (string)$share->getId());
|
||||||
} else {
|
} else {
|
||||||
|
$this->emitAccessShareHook($share, 403, 'Wrong password');
|
||||||
return false;
|
return false;
|
||||||
}
|
}
|
||||||
} else {
|
} else {
|
||||||
|
|
@ -189,6 +190,45 @@ class ShareController extends Controller {
|
||||||
return true;
|
return true;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
/**
|
||||||
|
* throws hooks when a share is attempted to be accessed
|
||||||
|
*
|
||||||
|
* @param \OC\Share20\Share|string $share the Share instance if available,
|
||||||
|
* otherwise token
|
||||||
|
* @param int $errorCode
|
||||||
|
* @param string $errorMessage
|
||||||
|
* @throws NotFoundException
|
||||||
|
* @throws OC\HintException
|
||||||
|
* @throws OC\ServerNotAvailableException
|
||||||
|
*/
|
||||||
|
protected function emitAccessShareHook($share, $errorCode = 200, $errorMessage = '') {
|
||||||
|
$itemType = $itemSource = $uidOwner = '';
|
||||||
|
$token = $share;
|
||||||
|
$exception = null;
|
||||||
|
if($share instanceof \OC\Share20\Share) {
|
||||||
|
try {
|
||||||
|
$token = $share->getToken();
|
||||||
|
$uidOwner = $share->getSharedBy();
|
||||||
|
$itemType = $share->getNode() instanceof \OCP\Files\File ? 'file' : 'folder';
|
||||||
|
$itemSource = $share->getNode()->getId();
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
// we log what we know and pass on the exception afterwards
|
||||||
|
$exception = $e;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
\OC_Hook::emit('OCP\Share', 'share_link_access', [
|
||||||
|
'itemType' => $itemType,
|
||||||
|
'itemSource' => $itemSource,
|
||||||
|
'uidOwner' => $uidOwner,
|
||||||
|
'token' => $token,
|
||||||
|
'errorCode' => $errorCode,
|
||||||
|
'errorMessage' => $errorMessage,
|
||||||
|
]);
|
||||||
|
if(!is_null($exception)) {
|
||||||
|
throw $exception;
|
||||||
|
}
|
||||||
|
}
|
||||||
|
|
||||||
/**
|
/**
|
||||||
* @PublicPage
|
* @PublicPage
|
||||||
* @NoCSRFRequired
|
* @NoCSRFRequired
|
||||||
|
|
@ -205,6 +245,7 @@ class ShareController extends Controller {
|
||||||
try {
|
try {
|
||||||
$share = $this->shareManager->getShareByToken($token);
|
$share = $this->shareManager->getShareByToken($token);
|
||||||
} catch (ShareNotFound $e) {
|
} catch (ShareNotFound $e) {
|
||||||
|
$this->emitAccessShareHook($token, 404, 'Share not found');
|
||||||
return new NotFoundResponse();
|
return new NotFoundResponse();
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -215,8 +256,14 @@ class ShareController extends Controller {
|
||||||
}
|
}
|
||||||
|
|
||||||
// We can't get the path of a file share
|
// We can't get the path of a file share
|
||||||
if ($share->getNode() instanceof \OCP\Files\File && $path !== '') {
|
try {
|
||||||
throw new NotFoundException();
|
if ($share->getNode() instanceof \OCP\Files\File && $path !== '') {
|
||||||
|
$this->emitAccessShareHook($share, 404, 'Share not found');
|
||||||
|
throw new NotFoundException();
|
||||||
|
}
|
||||||
|
} catch (\Exception $e) {
|
||||||
|
$this->emitAccessShareHook($share, 404, 'Share not found');
|
||||||
|
throw $e;
|
||||||
}
|
}
|
||||||
|
|
||||||
$rootFolder = null;
|
$rootFolder = null;
|
||||||
|
|
@ -227,6 +274,7 @@ class ShareController extends Controller {
|
||||||
try {
|
try {
|
||||||
$path = $rootFolder->get($path);
|
$path = $rootFolder->get($path);
|
||||||
} catch (\OCP\Files\NotFoundException $e) {
|
} catch (\OCP\Files\NotFoundException $e) {
|
||||||
|
$this->emitAccessShareHook($share, 404, 'Share not found');
|
||||||
throw new NotFoundException();
|
throw new NotFoundException();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -287,6 +335,8 @@ class ShareController extends Controller {
|
||||||
$response = new TemplateResponse($this->appName, 'public', $shareTmpl, 'base');
|
$response = new TemplateResponse($this->appName, 'public', $shareTmpl, 'base');
|
||||||
$response->setContentSecurityPolicy($csp);
|
$response->setContentSecurityPolicy($csp);
|
||||||
|
|
||||||
|
$this->emitAccessShareHook($share);
|
||||||
|
|
||||||
return $response;
|
return $response;
|
||||||
}
|
}
|
||||||
|
|
||||||
|
|
@ -344,6 +394,7 @@ class ShareController extends Controller {
|
||||||
try {
|
try {
|
||||||
$node = $node->get($path);
|
$node = $node->get($path);
|
||||||
} catch (NotFoundException $e) {
|
} catch (NotFoundException $e) {
|
||||||
|
$this->emitAccessShareHook($share, 404, 'Share not found');
|
||||||
return new NotFoundResponse();
|
return new NotFoundResponse();
|
||||||
}
|
}
|
||||||
}
|
}
|
||||||
|
|
@ -409,6 +460,8 @@ class ShareController extends Controller {
|
||||||
setcookie('ocDownloadStarted', $downloadStartSecret, time() + 20, '/');
|
setcookie('ocDownloadStarted', $downloadStartSecret, time() + 20, '/');
|
||||||
}
|
}
|
||||||
|
|
||||||
|
$this->emitAccessShareHook($share);
|
||||||
|
|
||||||
// download selected files
|
// download selected files
|
||||||
if (!is_null($files)) {
|
if (!is_null($files)) {
|
||||||
// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
|
// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
|
||||||
|
|
|
||||||
Loading…
Reference in New Issue