Welcome to mirror list, hosted at ThFree Co, Russian Federation.

github.com/nextcloud/richdocuments.git - Unnamed repository; edit this file 'description' to name the repository.
summaryrefslogtreecommitdiff
diff options
context:
space:
mode:
Diffstat
-rw-r--r--lib/Controller/OCSController.php15
1 files changed, 13 insertions, 2 deletions
diff --git a/lib/Controller/OCSController.php b/lib/Controller/OCSController.php
index 3294ea67..20927f4f 100644
--- a/lib/Controller/OCSController.php
+++ b/lib/Controller/OCSController.php
@@ -39,6 +39,7 @@ use OCP\Files\Node;
use OCP\Files\NotFoundException;
use OCP\IRequest;
use OCP\IURLGenerator;
+use OCP\Share\Exceptions\ShareNotFound;
use OCP\Share\IManager;
class OCSController extends \OCP\AppFramework\OCSController {
@@ -184,6 +185,7 @@ class OCSController extends \OCP\AppFramework\OCSController {
/**
* @PublicPage
* @NoCSRFRequired
+ * @BruteForceProtection(action=richdocumentsCreatePublicFromInitiator)
* @throws OCSForbiddenException
*/
public function createPublicFromInitiator(
@@ -193,9 +195,18 @@ class OCSController extends \OCP\AppFramework\OCSController {
string $path = '',
string $password = null
): DataResponse {
- $share = $this->shareManager->getShareByToken($shareToken);
+ try {
+ $share = $this->shareManager->getShareByToken($shareToken);
+ } catch (ShareNotFound $ex) {
+ $response = new DataResponse([], HTTP::STATUS_NOT_FOUND);
+ $response->throttle();
+ return $response;
+ }
+
if ($share->getPassword() && !$this->shareManager->checkPassword($share, $password)) {
- throw new OCSForbiddenException();
+ $response = new DataResponse([], HTTP::STATUS_FORBIDDEN);
+ $response->throttle();
+ return $response;
}
$node = $share->getNode();
generated by cgit v1.2.3 (git 2.25.1) at 2024-08-03 03:58:26 +0300