diff options
author | binsky <timo@binsky.org> | 2021-10-23 20:59:13 +0300 |
---|---|---|
committer | binsky <timo@binsky.org> | 2021-10-23 20:59:13 +0300 |
commit | d9815b3ca3bdd4c4ce59cc3ae03bd64b607de042 (patch) | |
tree | db7a1fba69b0fa48c80d879ff8861d9463cb4886 /controller | |
parent | e9f0beb0a61c71cc19be409d7b2e1126897d580a (diff) |
do not collect all credential guids for vault deletion; use custom file mass deletion endpoint
Signed-off-by: binsky <timo@binsky.org>
Diffstat (limited to 'controller')
-rw-r--r-- | controller/filecontroller.php | 47 | ||||
-rw-r--r-- | controller/vaultcontroller.php | 29 |
2 files changed, 42 insertions, 34 deletions
diff --git a/controller/filecontroller.php b/controller/filecontroller.php index c2d151a8..1a865fe9 100644 --- a/controller/filecontroller.php +++ b/controller/filecontroller.php @@ -11,19 +11,20 @@ namespace OCA\Passman\Controller; +use OCA\Passman\Service\FileService; +use OCP\AppFramework\ApiController; use OCP\AppFramework\Db\DoesNotExistException; -use OCP\IRequest; use OCP\AppFramework\Http\JSONResponse; -use OCP\AppFramework\ApiController; -use OCA\Passman\Service\FileService; +use OCP\IRequest; class FileController extends ApiController { private $userId; private $fileService; + public function __construct($AppName, - IRequest $request, - $UserId, - FileService $fileService){ + IRequest $request, + $UserId, + FileService $fileService) { parent::__construct( $AppName, $request, @@ -57,6 +58,7 @@ class FileController extends ApiController { public function getFile($file_id) { return new JSONResponse($this->fileService->getFile($file_id, $this->userId)); } + /** * @NoAdminRequired * @NoCSRFRequired @@ -65,22 +67,39 @@ class FileController extends ApiController { return new JSONResponse($this->fileService->deleteFile($file_id, $this->userId)); } - public function updateFile($file_id, $file_data, $filename){ - try{ + /** + * @NoAdminRequired + * @NoCSRFRequired + */ + public function deleteFiles($file_ids) { + if ($file_ids != null && !empty($file_ids)) { + foreach (json_decode($file_ids) as $file_id) { + try { + $this->fileService->deleteFile($file_id, $this->userId); + } catch (\Exception $e) { + continue; + } + } + } + return new JSONResponse(array('ok' => true)); + } + + public function updateFile($file_id, $file_data, $filename) { + try { $file = $this->fileService->getFile($file_id, $this->userId); - } catch (\Exception $doesNotExistException){ + } catch (\Exception $doesNotExistException) { } - if($file){ - if($file_data) { + if ($file) { + if ($file_data) { $file->setFileData($file_data); } - if($filename) { + if ($filename) { $file->setFilename($filename); } - if($filename || $file_data){ + if ($filename || $file_data) { new JSONResponse($this->fileService->updateFile($file)); } } } -}
\ No newline at end of file +} diff --git a/controller/vaultcontroller.php b/controller/vaultcontroller.php index f6e2a3c0..b0616bb5 100644 --- a/controller/vaultcontroller.php +++ b/controller/vaultcontroller.php @@ -168,11 +168,14 @@ class VaultController extends ApiController { * @NoAdminRequired * @NoCSRFRequired */ - public function deleteVaultContent($credential_guids, $file_ids) { - if ($credential_guids != null && !empty($credential_guids)) { - foreach (json_decode($credential_guids) as $credential_guid) { + public function delete($vault_guid) { + try { + $vault = $this->vaultService->getByGuid($vault_guid, $this->userId); + $credentials = $this->credentialService->getCredentialsByVaultId($vault->getId(), $this->userId); + + foreach ($credentials as $credential) { try { - $credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId); + // $credential = $this->credentialService->getCredentialByGUID($credential_guid, $this->userId); if ($credential instanceof Credential) { $this->credentialService->deleteCredentiaL($credential); $this->credentialService->deleteCredentialParts($credential, $this->userId); @@ -181,24 +184,10 @@ class VaultController extends ApiController { continue; } } + } catch (\Exception $e) { + return new NotFoundJSONResponse(); } - if ($file_ids != null && !empty($file_ids)) { - foreach (json_decode($file_ids) as $file_id) { - try { - $this->fileService->deleteFile($file_id, $this->userId); - } catch (\Exception $e) { - continue; - } - } - } - return new JSONResponse(array('ok' => true)); - } - /** - * @NoAdminRequired - * @NoCSRFRequired - */ - public function delete($vault_guid) { $this->vaultService->deleteVault($vault_guid, $this->userId); return new JSONResponse(array('ok' => true)); } |