diff options
author | dartcafe <github@dartcafe.de> | 2020-05-28 19:13:30 +0300 |
---|---|---|
committer | dartcafe <github@dartcafe.de> | 2020-05-28 19:13:30 +0300 |
commit | bbb8f42103b7fab73c426adeb386332a68ac4898 (patch) | |
tree | 636ef05a475d023a41d629c53015cf43f3a7353e /lib | |
parent | da57eda5a344d4376ff46940032a7058fd563fe6 (diff) |
Temporay added @NoCSRFRequired
Diffstat (limited to 'lib')
-rw-r--r-- | lib/Controller/CommentController.php | 6 | ||||
-rw-r--r-- | lib/Controller/OptionController.php | 5 | ||||
-rw-r--r-- | lib/Controller/PollController.php | 4 | ||||
-rw-r--r-- | lib/Controller/ShareController.php | 10 | ||||
-rw-r--r-- | lib/Controller/SubscriptionController.php | 2 | ||||
-rw-r--r-- | lib/Controller/SystemController.php | 23 | ||||
-rw-r--r-- | lib/Controller/VoteController.php | 3 |
7 files changed, 21 insertions, 32 deletions
diff --git a/lib/Controller/CommentController.php b/lib/Controller/CommentController.php index 7767a819..082bbbb3 100644 --- a/lib/Controller/CommentController.php +++ b/lib/Controller/CommentController.php @@ -92,6 +92,7 @@ class CommentController extends Controller { * get * Read all comments of a poll based on the poll id and return list as array * @NoAdminRequired + * @NoCSRFRequired * @param integer $pollId * @return DataResponse */ @@ -137,7 +138,6 @@ class CommentController extends Controller { } /** - * write * Write a new comment to the db and returns the new comment as array * @NoAdminRequired * @NoCSRFRequired @@ -147,7 +147,6 @@ class CommentController extends Controller { * @return DataResponse */ public function write($pollId, $userId, $message) { - $this->logger->alert('write'); if (!\OC::$server->getUserSession()->isLoggedIn() && !$this->acl->getFoundByToken()) { $this->logger->alert('not allowed ' . json_encode(\OC::$server->getUserSession()->isLoggedIn())); return new DataResponse(null, Http::STATUS_UNAUTHORIZED); @@ -176,8 +175,6 @@ class CommentController extends Controller { return new DataResponse(null, Http::STATUS_UNAUTHORIZED); } - - $this->logger->alert('ok ' . json_encode($comment)); return new DataResponse($comment, Http::STATUS_OK); } @@ -209,6 +206,7 @@ class CommentController extends Controller { /** * delete * Delete Comment + * @NoCSRFRequired * @NoAdminRequired * @param int $pollId * @param string $message diff --git a/lib/Controller/OptionController.php b/lib/Controller/OptionController.php index e078fefa..4186bd0b 100644 --- a/lib/Controller/OptionController.php +++ b/lib/Controller/OptionController.php @@ -121,6 +121,7 @@ class OptionController extends Controller { /** * Get all options of given poll * @NoAdminRequired + * @NoCSRFRequired * @param integer $pollId * @return array Array of Option objects */ @@ -166,6 +167,7 @@ class OptionController extends Controller { /** * Add a new Option to poll * @NoAdminRequired + * @NoCSRFRequired * @param Option $option * @return DataResponse */ @@ -189,6 +191,7 @@ class OptionController extends Controller { /** * Update poll option * @NoAdminRequired + * @NoCSRFRequired * @param Option $option * @return DataResponse */ @@ -212,6 +215,7 @@ class OptionController extends Controller { /** * Remove a single option * @NoAdminRequired + * @NoCSRFRequired * @param Option $option * @return DataResponse */ @@ -239,6 +243,7 @@ class OptionController extends Controller { /** * Set order by order of the given array * @NoAdminRequired + * @NoCSRFRequired * @param Array $options * @return DataResponse */ diff --git a/lib/Controller/PollController.php b/lib/Controller/PollController.php index 9b535fe0..b3494c4c 100644 --- a/lib/Controller/PollController.php +++ b/lib/Controller/PollController.php @@ -239,6 +239,7 @@ /** * delete * @NoAdminRequired + * @NoCSRFRequired * @param Array $poll * @return DataResponse */ @@ -273,6 +274,7 @@ /** * deletePermanently * @NoAdminRequired + * @NoCSRFRequired * @param Array $poll * @return DataResponse */ @@ -305,6 +307,7 @@ /** * write * @NoAdminRequired + * @NoCSRFRequired * @param Array $poll * @return DataResponse */ @@ -360,6 +363,7 @@ /** * clone * @NoAdminRequired + * @NoCSRFRequired * @param integer $pollId * @return DataResponse */ diff --git a/lib/Controller/ShareController.php b/lib/Controller/ShareController.php index f763ff5b..15eee195 100644 --- a/lib/Controller/ShareController.php +++ b/lib/Controller/ShareController.php @@ -112,6 +112,7 @@ class ShareController extends Controller { * get * Read all shares of a poll based on the poll id and return list as array * @NoAdminRequired + * @NoCSRFRequired * @param integer $pollId * @return DataResponse */ @@ -134,9 +135,9 @@ class ShareController extends Controller { } /** - * write * Write a new share to the db and returns the new share as array * @NoAdminRequired + * @NoCSRFRequired * @param int $pollId * @param string $message * @return DataResponse @@ -161,9 +162,7 @@ class ShareController extends Controller { try { $newShare = $this->mapper->insert($newShare); - // $this->logger->debug('Share inserted, sending out invitation mail now.'); $sendResult = $this->mailService->sendInvitationMail($newShare->getToken()); - // $this->logger->debug('Sending result ' . json_encode($sendResult)); return new DataResponse([ 'share' => $newShare, @@ -179,9 +178,9 @@ class ShareController extends Controller { /** * createPersonalShare * Write a new share to the db and returns the new share as array - * or * @NoAdminRequired * @PublicPage + * @NoCSRFRequired * @param int $pollId * @param string $message * @return DataResponse @@ -212,7 +211,6 @@ class ShareController extends Controller { $userShare->setPollId($publicShare->getPollId()); $userShare->setUserId($userName); $userShare->setUserEmail(''); - $this->logger->debug('Create share: ' . json_encode($userShare)); $userShare = $this->mapper->insert($userShare); return new DataResponse($userShare, Http::STATUS_OK); @@ -221,7 +219,6 @@ class ShareController extends Controller { $publicShare->setType('external'); $publicShare->setUserId($userName); $this->mapper->update($publicShare); - $this->logger->alert(json_encode($publicShare)); return new DataResponse($publicShare, Http::STATUS_OK); } else { @@ -238,6 +235,7 @@ class ShareController extends Controller { * remove * remove share * @NoAdminRequired + * @NoCSRFRequired * @param Share $share * @return DataResponse */ diff --git a/lib/Controller/SubscriptionController.php b/lib/Controller/SubscriptionController.php index d4da1bcb..8a5bf445 100644 --- a/lib/Controller/SubscriptionController.php +++ b/lib/Controller/SubscriptionController.php @@ -68,6 +68,7 @@ class SubscriptionController extends Controller { /** * @NoAdminRequired + * @NoCSRFRequired * @param integer $pollId * @return DataResponse */ @@ -89,6 +90,7 @@ class SubscriptionController extends Controller { /** * @NoAdminRequired + * @NoCSRFRequired * @param integer $pollId */ public function set($pollId, $subscribed) { diff --git a/lib/Controller/SystemController.php b/lib/Controller/SystemController.php index ad091d6e..86051bfb 100644 --- a/lib/Controller/SystemController.php +++ b/lib/Controller/SystemController.php @@ -94,6 +94,7 @@ class SystemController extends Controller { /** * Get a list of NC users, groups and contacts * @NoAdminRequired + * @NoCSRFRequired * @param string $query * @param bool $getGroups - search in groups * @param bool $getUsers - search in site users @@ -311,26 +312,4 @@ class SystemController extends Controller { return $this->userId; } } - - - - // - // - // /** - // * Get some system informations - // * @NoAdminRequired - // * @return DataResponse - // */ - // public function getSystem() { - // $data = array(); - // - // $data['system'] = [ - // 'versionArray' => \OCP\Util::getVersion(), - // 'version' => implode('.', \OCP\Util::getVersion()), - // 'vendor' => $this->getVendor(), - // 'language' => $this->systemConfig->getUserValue($this->userId, 'core', 'lang') - // ]; - // - // return new DataResponse($data, Http::STATUS_OK); - // } } diff --git a/lib/Controller/VoteController.php b/lib/Controller/VoteController.php index 7ce4b423..ad8936bd 100644 --- a/lib/Controller/VoteController.php +++ b/lib/Controller/VoteController.php @@ -100,6 +100,7 @@ class VoteController extends Controller { * Get all votes of given poll * Read all votes of a poll based on the poll id and return list as array * @NoAdminRequired + * @NoCSRFRequired * @param integer $pollId * @return DataResponse */ @@ -129,6 +130,7 @@ class VoteController extends Controller { /** * set * @NoAdminRequired + * @NoCSRFRequired * @param integer $pollId * @param Array $option * @param string $userId @@ -164,6 +166,7 @@ class VoteController extends Controller { /** * delete * @NoAdminRequired + * @NoCSRFRequired * @param integer $voteId * @param string $userId * @param integer $pollId |