throw hooks when accessing a link share
This commit is contained in:
parent
4dfd56ee81
commit
cd68500731
|
@ -177,6 +177,7 @@ class ShareController extends Controller {
|
|||
if ($this->shareManager->checkPassword($share, $password)) {
|
||||
$this->session->set('public_link_authenticated', (string)$share->getId());
|
||||
} else {
|
||||
$this->emitAccessShareHook($share, 403, 'Wrong password');
|
||||
return false;
|
||||
}
|
||||
} else {
|
||||
|
@ -189,6 +190,45 @@ class ShareController extends Controller {
|
|||
return true;
|
||||
}
|
||||
|
||||
/**
|
||||
* throws hooks when a share is attempted to be accessed
|
||||
*
|
||||
* @param \OC\Share20\Share|string $share the Share instance if available,
|
||||
* otherwise token
|
||||
* @param int $errorCode
|
||||
* @param string $errorMessage
|
||||
* @throws NotFoundException
|
||||
* @throws OC\HintException
|
||||
* @throws OC\ServerNotAvailableException
|
||||
*/
|
||||
protected function emitAccessShareHook($share, $errorCode = 200, $errorMessage = '') {
|
||||
$itemType = $itemSource = $uidOwner = '';
|
||||
$token = $share;
|
||||
$exception = null;
|
||||
if($share instanceof \OC\Share20\Share) {
|
||||
try {
|
||||
$token = $share->getToken();
|
||||
$uidOwner = $share->getSharedBy();
|
||||
$itemType = $share->getNode() instanceof \OCP\Files\File ? 'file' : 'folder';
|
||||
$itemSource = $share->getNode()->getId();
|
||||
} catch (\Exception $e) {
|
||||
// we log what we know and pass on the exception afterwards
|
||||
$exception = $e;
|
||||
}
|
||||
}
|
||||
\OC_Hook::emit('OCP\Share', 'share_link_access', [
|
||||
'itemType' => $itemType,
|
||||
'itemSource' => $itemSource,
|
||||
'uidOwner' => $uidOwner,
|
||||
'token' => $token,
|
||||
'errorCode' => $errorCode,
|
||||
'errorMessage' => $errorMessage,
|
||||
]);
|
||||
if(!is_null($exception)) {
|
||||
throw $exception;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* @PublicPage
|
||||
* @NoCSRFRequired
|
||||
|
@ -205,6 +245,7 @@ class ShareController extends Controller {
|
|||
try {
|
||||
$share = $this->shareManager->getShareByToken($token);
|
||||
} catch (ShareNotFound $e) {
|
||||
$this->emitAccessShareHook($token, 404, 'Share not found');
|
||||
return new NotFoundResponse();
|
||||
}
|
||||
|
||||
|
@ -215,9 +256,15 @@ class ShareController extends Controller {
|
|||
}
|
||||
|
||||
// We can't get the path of a file share
|
||||
try {
|
||||
if ($share->getNode() instanceof \OCP\Files\File && $path !== '') {
|
||||
$this->emitAccessShareHook($share, 404, 'Share not found');
|
||||
throw new NotFoundException();
|
||||
}
|
||||
} catch (\Exception $e) {
|
||||
$this->emitAccessShareHook($share, 404, 'Share not found');
|
||||
throw $e;
|
||||
}
|
||||
|
||||
$rootFolder = null;
|
||||
if ($share->getNode() instanceof \OCP\Files\Folder) {
|
||||
|
@ -227,6 +274,7 @@ class ShareController extends Controller {
|
|||
try {
|
||||
$path = $rootFolder->get($path);
|
||||
} catch (\OCP\Files\NotFoundException $e) {
|
||||
$this->emitAccessShareHook($share, 404, 'Share not found');
|
||||
throw new NotFoundException();
|
||||
}
|
||||
}
|
||||
|
@ -287,6 +335,8 @@ class ShareController extends Controller {
|
|||
$response = new TemplateResponse($this->appName, 'public', $shareTmpl, 'base');
|
||||
$response->setContentSecurityPolicy($csp);
|
||||
|
||||
$this->emitAccessShareHook($share);
|
||||
|
||||
return $response;
|
||||
}
|
||||
|
||||
|
@ -344,6 +394,7 @@ class ShareController extends Controller {
|
|||
try {
|
||||
$node = $node->get($path);
|
||||
} catch (NotFoundException $e) {
|
||||
$this->emitAccessShareHook($share, 404, 'Share not found');
|
||||
return new NotFoundResponse();
|
||||
}
|
||||
}
|
||||
|
@ -409,6 +460,8 @@ class ShareController extends Controller {
|
|||
setcookie('ocDownloadStarted', $downloadStartSecret, time() + 20, '/');
|
||||
}
|
||||
|
||||
$this->emitAccessShareHook($share);
|
||||
|
||||
// download selected files
|
||||
if (!is_null($files)) {
|
||||
// FIXME: The exit is required here because otherwise the AppFramework is trying to add headers as well
|
||||
|
|
Loading…
Reference in New Issue