authorbrantje <brantje@gmail.com>2016-12-28 20:54:54 +0300
committerbrantje <brantje@gmail.com>2016-12-28 23:34:59 +0300
commit858195834d6af9d1c4a5717816a5d1a431686fdc (patch)
treeed71ef6f12976d4e9f21faa7254fae26b3775158 /controller
parent3d31b2809385bd77b0e074711f27ddb68a8140b0 (diff)
Add settings page, non functional
Implement disable context menu Implement disable http warning Implement vault key strength setting Implement share settings Implement version check setting
Diffstat (limited to 'controller')
-rw-r--r--controller/credentialcontroller.php66
-rw-r--r--controller/internalcontroller.php33
-rw-r--r--controller/sharecontroller.php64
-rw-r--r--controller/translationcontroller.php5
4 files changed, 110 insertions, 58 deletions
diff --git a/controller/credentialcontroller.php b/controller/credentialcontroller.php
index 45a6499a..fdc391fb 100644
--- a/controller/credentialcontroller.php
+++ b/controller/credentialcontroller.php
@@ -17,6 +17,7 @@ use OCA\Passman\Utility\NotFoundJSONResponse;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\DataResponse;
+use OCP\IConfig;
use OCP\IRequest;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\ApiController;
@@ -33,6 +34,7 @@ class CredentialController extends ApiController {
private $activityService;
private $credentialRevisionService;
private $sharingService;
+ private $config;
public function __construct($AppName,
IRequest $request,
@@ -40,7 +42,8 @@ class CredentialController extends ApiController {
CredentialService $credentialService,
ActivityService $activityService,
CredentialRevisionService $credentialRevisionService,
- ShareService $sharingService
+ ShareService $sharingService,
+ IConfig $config
) {
parent::__construct($AppName, $request);
$this->userId = $userId;
@@ -48,8 +51,10 @@ class CredentialController extends ApiController {
$this->activityService = $activityService;
$this->credentialRevisionService = $credentialRevisionService;
$this->sharingService = $sharingService;
+ $this->config = $config;
}
+
/**
* @NoAdminRequired
* @NoCSRFRequired
@@ -85,7 +90,7 @@ class CredentialController extends ApiController {
);
$credential = $this->credentialService->createCredential($credential);
$link = ''; // @TODO create direct link to credential
- if(!$credential->getHidden()) {
+ if (!$credential->getHidden()) {
$this->activityService->add(
Activity::SUBJECT_ITEM_CREATED_SELF, array($label, $this->userId),
'', array(),
@@ -146,7 +151,11 @@ class CredentialController extends ApiController {
} else {
return new DataResponse(['msg' => 'Not authorized'], Http::STATUS_UNAUTHORIZED);
}
+ if ($this->config->getAppValue('passman', 'user_sharing_enabled', 1) === 0 || $this->config->getAppValue('passman', 'user_sharing_enabled', 1) === '0') {
+ return new DataResponse(['msg' => 'Not authorized'], Http::STATUS_UNAUTHORIZED);
+ }
}
+
$link = ''; // @TODO create direct link to credential
if ($revision_created) {
$activity = 'item_apply_revision';
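Review bot: The `=== 0` arm of the added `user_sharing_enabled` check cannot match a stored value, because IConfig::getAppValue() hands stored settings back as strings, and the condition reads the setting twice. A single read with a string comparison is enough: `if ((string)$this->config->getAppValue('passman', 'user_sharing_enabled', '1') === '0') {`. The check sits inside a branch whose opening lies outside this hunk, so confirm that it runs only for non-owners editing a shared credential and that owners are meant to be unaffected.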
@@ -154,13 +163,13 @@ class CredentialController extends ApiController {
$activity . '_self', array($label, $this->userId, $revision_created),
'', array(),
$link, $this->userId, Activity::TYPE_ITEM_ACTION);
- } else if (($storedCredential->getDeleteTime() === 0) && (int) $delete_time > 0) {
+ } else if (($storedCredential->getDeleteTime() === 0) && (int)$delete_time > 0) {
$activity = 'item_deleted';
$this->activityService->add(
$activity . '_self', array($label, $this->userId),
'', array(),
$link, $this->userId, Activity::TYPE_ITEM_ACTION);
- } else if (($storedCredential->getDeleteTime() > 0) && (int) $delete_time === 0) {
+ } else if (($storedCredential->getDeleteTime() > 0) && (int)$delete_time === 0) {
$activity = 'item_recovered';
$this->activityService->add(
$activity . '_self', array($label, $this->userId),
@@ -204,7 +213,7 @@ class CredentialController extends ApiController {
foreach ($acl_list as $sharingACL) {
$target_user = $sharingACL->getUserId();
- if($target_user === $this->userId){
+ if ($target_user === $this->userId) {
continue;
}
$this->activityService->add(
@@ -219,15 +228,15 @@ class CredentialController extends ApiController {
$link, $storedCredential->getUserId(), Activity::TYPE_ITEM_ACTION);
}
}
- if($set_share_key === true){
+ if ($set_share_key === true) {
$storedCredential->setSharedKey($shared_key);
$credential['shared_key'] = $shared_key;
}
- if($unshare_action === true){
+ if ($unshare_action === true) {
$storedCredential->setSharedKey('');
$credential['shared_key'] = '';
}
- if(!$skip_revision) {
+ if (!$skip_revision) {
$this->credentialRevisionService->createRevision($storedCredential, $storedCredential->getUserId(), $credential_id, $this->userId);
}
$credential = $this->credentialService->updateCredential($credential);
@@ -259,26 +268,23 @@ class CredentialController extends ApiController {
* @NoCSRFRequired
*/
public function getRevision($credential_guid) {
- try {
- $credential = $this->credentialService->getCredentialByGUID($credential_guid);
- }
- catch (DoesNotExistException $ex){
- return new NotFoundJSONResponse();
- }
+ try {
+ $credential = $this->credentialService->getCredentialByGUID($credential_guid);
+ } catch (DoesNotExistException $ex) {
+ return new NotFoundJSONResponse();
+ }
- // If the request was made by the owner of the credential
- if ($this->userId === $credential->getUserId()) {
- $result = $this->credentialRevisionService->getRevisions($credential->getId(), $this->userId);
- }
- else {
- $acl = $this->sharingService->getACL($this->userId, $credential_guid);
- if ($acl->hasPermission(SharingACL::HISTORY)){
- $result = $this->credentialRevisionService->getRevisions($credential->getId());
- }
- else {
- return new NotFoundJSONResponse();
- }
- }
+ // If the request was made by the owner of the credential
+ if ($this->userId === $credential->getUserId()) {
+ $result = $this->credentialRevisionService->getRevisions($credential->getId(), $this->userId);
+ } else {
+ $acl = $this->sharingService->getACL($this->userId, $credential_guid);
+ if ($acl->hasPermission(SharingACL::HISTORY)) {
+ $result = $this->credentialRevisionService->getRevisions($credential->getId());
+ } else {
+ return new NotFoundJSONResponse();
+ }
+ }
return new JSONResponse($result);
}
@@ -296,7 +302,7 @@ class CredentialController extends ApiController {
* @NoAdminRequired
* @NoCSRFRequired
*/
- public function updateRevision($credential_guid, $revision_id, $credential_data){
+ public function updateRevision($credential_guid, $revision_id, $credential_data) {
$revision = null;
try {
$this->credentialService->getCredentialByGUID($credential_guid, $this->userId);
@@ -304,9 +310,9 @@ class CredentialController extends ApiController {
return new NotFoundJSONResponse();
}
- try{
+ try {
$revision = $this->credentialRevisionService->getRevision($revision_id);
- } catch(DoesNotExistException $exception){
+ } catch (DoesNotExistException $exception) {
return new NotFoundJSONResponse();
}
diff --git a/controller/internalcontroller.php b/controller/internalcontroller.php
index 01a310a9..176c71bc 100644
--- a/controller/internalcontroller.php
+++ b/controller/internalcontroller.php
@@ -11,6 +11,7 @@
namespace OCA\Passman\Controller;
+use OCP\IConfig;
use OCP\IRequest;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\ApiController;
@@ -20,14 +21,18 @@ use \OCP\App;
class InternalController extends ApiController {
private $userId;
private $credentialService;
+ private $config;
public function __construct($AppName,
IRequest $request,
$UserId,
- CredentialService $credentialService) {
+ CredentialService $credentialService,
+ IConfig $config
+ ) {
parent::__construct($AppName, $request);
$this->userId = $UserId;
$this->credentialService = $credentialService;
+ $this->config = $config;
}
/**
@@ -80,4 +85,30 @@ class InternalController extends ApiController {
return new JSONResponse($random_person);
}
+ /**
+ * @NoAdminRequired
+ * @NoCSRFRequired
+ */
+ public function getSettings() {
+ $settings = array(
+ 'link_sharing_enabled' => $this->config->getAppValue('passman', 'link_sharing_enabled', 1),
+ 'user_sharing_enabled' => $this->config->getAppValue('passman', 'user_sharing_enabled', 1),
+ 'vault_key_strength' => $this->config->getAppValue('passman', 'vault_key_strength', 3),
+ 'check_version' => $this->config->getAppValue('passman', 'check_version', 1),
+ 'https_check' => $this->config->getAppValue('passman', 'https_check', 1),
+ 'disable_contextmenu' => $this->config->getAppValue('passman', 'disable_contextmenu', 1),
+ );
+ return new JSONResponse($settings);
+ }
+
+ /**
+ * @NoCSRFRequired
+ */
+ public function saveSettings($key, $value) {
+ if (is_numeric($value)) {
+ $value = intval($value);
+ }
+ $this->config->setAppValue('passman', $key, $value);
+ }
+
} \ No newline at end of file
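Review bot: saveSettings() is a state-changing endpoint that opts out of the CSRF check with `@NoCSRFRequired` and passes the request-supplied `$key` straight to setAppValue(), so any key in the passman app config can be written, not only the six settings that getSettings() exposes. Restrict `$key` to an allow-list of those settings, and drop `@NoCSRFRequired` unless an API client is known to depend on it. The method also returns nothing, so the caller cannot tell whether the value was stored. An explicit JSON result, ideally with a 4xx status for the rejected key, would fix that.

```php
	/**
	 * Admin only (no @NoAdminRequired); the CSRF check stays enabled.
	 */
	public function saveSettings($key, $value) {
		$allowed = array(
			'link_sharing_enabled', 'user_sharing_enabled', 'vault_key_strength',
			'check_version', 'https_check', 'disable_contextmenu',
		);
		if (!in_array($key, $allowed, true)) {
			return new JSONResponse(array('error' => 'Unknown setting'));
		}
		// … unchanged: numeric cast and setAppValue() call …
		return new JSONResponse(array('result' => true));
	}
```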
diff --git a/controller/sharecontroller.php b/controller/sharecontroller.php
index 361d5351..aa061432 100644
--- a/controller/sharecontroller.php
+++ b/controller/sharecontroller.php
@@ -11,8 +11,6 @@
namespace OCA\Passman\Controller;
-use OCA\Files_External\NotFoundException;
-use OCA\Passman\Db\ShareRequest;
use OCA\Passman\Db\SharingACL;
use OCA\Passman\Db\Vault;
use OCA\Passman\Service\CredentialService;
@@ -23,16 +21,13 @@ use OCA\Passman\Utility\NotFoundJSONResponse;
use OCA\Passman\Utility\Utils;
use OCP\AppFramework\Db\DoesNotExistException;
use OCP\AppFramework\Http\NotFoundResponse;
+use OCP\IConfig;
use OCP\IRequest;
use OCP\AppFramework\Http\JSONResponse;
use OCP\AppFramework\ApiController;
-use OCP\AppFramework\Http;
-use OCP\AppFramework\Http\DataResponse;
-use OCP\IGroup;
use OCP\IGroupManager;
use OCP\IUserManager;
-use OCP\IUser;
use OCA\Passman\Service\VaultService;
use OCA\Passman\Service\ActivityService;
@@ -49,6 +44,7 @@ class ShareController extends ApiController {
private $credentialService;
private $notificationService;
private $fileService;
+ private $config;
private $limit = 50;
private $offset = 0;
@@ -63,7 +59,8 @@ class ShareController extends ApiController {
ShareService $shareService,
CredentialService $credentialService,
NotificationService $notificationService,
- FileService $fileService
+ FileService $fileService,
+ IConfig $config
) {
parent::__construct($AppName, $request);
@@ -76,6 +73,13 @@ class ShareController extends ApiController {
$this->credentialService = $credentialService;
$this->notificationService = $notificationService;
$this->fileService = $fileService;
+ $this->config = $config;
+ }
+
+ private function isSharingEnabled() {
+ if ($this->config->getAppValue('passman', 'link_sharing_enabled', 1) === 0 || $this->config->getAppValue('passman', 'link_sharing_enabled', 1) === '0') {
+ return new JSONResponse(array());
+ }
}
/**
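Review bot: isSharingEnabled() only returns a JSONResponse when sharing is off, and every call site added in this commit (createPublicShare, applyIntermediateShare, unshareCredential, getVaultItems, getPublicCredentialData) discards that return value, so disabling sharing does not stop any of these actions. Make the helper return a boolean, e.g. `return (string)$this->config->getAppValue('passman', 'link_sharing_enabled', '1') !== '0';`, and guard each caller with `if (!$this->isSharingEnabled()) { return new NotFoundJSONResponse(); }`. The helper also reads only `link_sharing_enabled`, while applyIntermediateShare and getVaultItems look like user-to-user sharing paths that presumably should follow `user_sharing_enabled`. unshareCredential probably should stay available so that existing shares can still be revoked after sharing is turned off.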
@@ -87,10 +91,12 @@ class ShareController extends ApiController {
* @NoCSRFRequired
*/
public function createPublicShare($item_id, $item_guid, $permissions, $expire_timestamp, $expire_views) {
+ $this->isSharingEnabled();
+
- try{
+ try {
$credential = $this->credentialService->getCredentialByGUID($item_guid);
- } catch (DoesNotExistException $exception){
+ } catch (DoesNotExistException $exception) {
return new NotFoundResponse();
}
@@ -124,6 +130,7 @@ class ShareController extends ApiController {
* @NoCSRFRequired
*/
public function applyIntermediateShare($item_id, $item_guid, $vaults, $permissions) {
+ $this->isSharingEnabled();
/**
* Assemble notification
*/
@@ -139,14 +146,14 @@ class ShareController extends ApiController {
return new JSONResponse(array('error' => 'User got already pending requests'));
}
} catch (DoesNotExistException $exception) {
-
+ // no need to catch this
}
$acl = null;
try {
$acl = $this->shareService->getCredentialAclForUser($first_vault['user_id'], $item_guid);
} catch (DoesNotExistException $exception) {
-
+ // no need to catch this
}
if ($acl) {
@@ -216,6 +223,7 @@ class ShareController extends ApiController {
* @NoCSRFRequired
*/
public function unshareCredential($item_guid) {
+ $this->isSharingEnabled();
$acl_list = $this->shareService->getCredentialAclList($item_guid);
$request_list = $this->shareService->getShareRequestsByGuid($item_guid);
foreach ($acl_list as $ACL) {
@@ -234,21 +242,21 @@ class ShareController extends ApiController {
}
- public function unshareCredentialFromUser($item_guid, $user_id){
+ public function unshareCredentialFromUser($item_guid, $user_id) {
$acl = null;
$sr = null;
try {
$acl = $this->shareService->getCredentialAclForUser($user_id, $item_guid);
- } catch (DoesNotExistException $e){
+ } catch (DoesNotExistException $e) {
}
- try{
- $sr = array_pop($this->shareService->getPendingShareRequestsForCredential($item_guid, $user_id));
- } catch (DoesNotExistException $e){
-
+ try {
+ $sr = array_pop($this->shareService->getPendingShareRequestsForCredential($item_guid, $user_id));
+ } catch (DoesNotExistException $e) {
+ // no need to catch this
}
- if($sr){
+ if ($sr) {
$this->shareService->cleanItemRequestsForUser($sr);
$manager = \OC::$server->getNotificationManager();
$notification = $manager->createNotification();
@@ -257,7 +265,7 @@ class ShareController extends ApiController {
->setUser($user_id);
$manager->markProcessed($notification);
}
- if($acl){
+ if ($acl) {
$this->shareService->deleteShareACL($acl);
}
return new JSONResponse(array('result' => true));
@@ -355,7 +363,7 @@ class ShareController extends ApiController {
try {
return new JSONResponse($this->shareService->getItemHistory($this->userId, $item_guid));
} catch (DoesNotExistException $ex) {
- return new NotFoundResponse();
+ return new NotFoundJSONResponse();
}
}
@@ -366,6 +374,8 @@ class ShareController extends ApiController {
* @NoCSRFRequired
*/
public function getVaultItems($vault_guid) {
+ $this->isSharingEnabled();
+
try {
return new JSONResponse($this->shareService->getSharedItems($this->userId->getUID(), $vault_guid));
} catch (DoesNotExistException $ex) {
@@ -404,7 +414,7 @@ class ShareController extends ApiController {
$this->shareService->cleanItemRequestsForUser($sr);
return new JSONResponse(array('result' => true));
} catch (DoesNotExistException $ex) {
- return new NotFoundResponse();
+ return new NotFoundJSONResponse();
}
}
@@ -416,15 +426,15 @@ class ShareController extends ApiController {
* @PublicPage
*/
public function getPublicCredentialData($credential_guid) {
-
+ $this->isSharingEnabled();
//@TODO Check expire date
$acl = $this->shareService->getACL(null, $credential_guid);
- if ($acl->getExpire() > 0 && Utils::getTime() > $acl->getExpire()) {
+ if ($acl->getExpire() > 0 && Utils::getTime() > $acl->getExpire()) {
return new NotFoundJSONResponse();
}
- $views = $acl->getExpireViews();
+ $views = $acl->getExpireViews();
if ($views === 0) {
return new NotFoundJSONResponse();
} else if ($views !== -1) {
@@ -475,15 +485,15 @@ class ShareController extends ApiController {
* @return JSONResponse
* @return NotFoundResponse
*/
- public function getFile($item_guid, $file_guid){
+ public function getFile($item_guid, $file_guid) {
try {
$credential = $this->credentialService->getCredentialByGUID($item_guid);
- } catch (DoesNotExistException $e){
+ } catch (DoesNotExistException $e) {
return new NotFoundJSONResponse();
}
$userId = ($this->userId) ? $this->userId->getUID() : null;
$acl = $this->shareService->getACL($userId, $credential->getGuid());
- if (!$acl->hasPermission(SharingACL::FILES)){
+ if (!$acl->hasPermission(SharingACL::FILES)) {
return new NotFoundJSONResponse();
} else {
return $this->fileService->getFileByGuid($file_guid);
diff --git a/controller/translationcontroller.php b/controller/translationcontroller.php
index 1bf3e06c..f5fabbaa 100644
--- a/controller/translationcontroller.php
+++ b/controller/translationcontroller.php
@@ -96,6 +96,11 @@ class TranslationController extends ApiController {
'credential.shared' => $this->trans->t('Credential shared'),
'saved' => $this->trans->t('Saved!'),
+ // js/app/controllers/vault.js
+ 'password.poor' => $this->trans->t('Poor'),
+ 'password.weak' => $this->trans->t('Weak'),
+ 'password.good' => $this->trans->t('Good'),
+ 'password.strong' => $this->trans->t('Strong'),
// js/app/directives/credentialfield.js
'toggle.visibility' => $this->trans->t('Toggle visibility'),
'copy.field' => $this->trans->t('Copy to clipboard'),