diff options
Diffstat (limited to 'lib')
-rw-r--r-- | lib/private/connector/sabre/auth.php | 16 | ||||
-rw-r--r-- | lib/private/session/internal.php | 14 | ||||
-rw-r--r-- | lib/private/session/memory.php | 20 | ||||
-rw-r--r-- | lib/private/session/session.php | 12 | ||||
-rw-r--r-- | lib/public/isession.php | 5 |
5 files changed, 64 insertions, 3 deletions
diff --git a/lib/private/connector/sabre/auth.php b/lib/private/connector/sabre/auth.php index 0c84fa6b757..5577273df8c 100644 --- a/lib/private/connector/sabre/auth.php +++ b/lib/private/connector/sabre/auth.php @@ -73,6 +73,20 @@ class OC_Connector_Sabre_Auth extends Sabre_DAV_Auth_Backend_AbstractBasic { */ public function authenticate(Sabre_DAV_Server $server, $realm) { + $result = $this->auth($server, $realm); + + // close the session - right after authentication there is not need to write to the session any more + \OC::$session->close(); + + return $result; + } + + /** + * @param Sabre_DAV_Server $server + * @param $realm + * @return bool + */ + private function auth(Sabre_DAV_Server $server, $realm) { if (OC_User::handleApacheAuth() || OC_User::isLoggedIn()) { $user = OC_User::getUser(); OC_Util::setupFS($user); @@ -81,5 +95,5 @@ class OC_Connector_Sabre_Auth extends Sabre_DAV_Auth_Backend_AbstractBasic { } return parent::authenticate($server, $realm); - } + } } diff --git a/lib/private/session/internal.php b/lib/private/session/internal.php index a7c9e2fdefd..42ec9606dc9 100644 --- a/lib/private/session/internal.php +++ b/lib/private/session/internal.php @@ -26,8 +26,7 @@ class Internal extends Memory { } public function __destruct() { - $_SESSION = array_merge($_SESSION, $this->data); - session_write_close(); + $this->close(); } /** @@ -47,4 +46,15 @@ class Internal extends Memory { @session_start(); $this->data = $_SESSION = array(); } + + public function close() { + $_SESSION = array_merge($_SESSION, $this->data); + session_write_close(); + + parent::close(); + } + + public function reopen() { + throw new \Exception('The session cannot be reopened - reopen() is ony to be used in unit testing.'); + } } diff --git a/lib/private/session/memory.php b/lib/private/session/memory.php index 1b9ac452575..1497c0f8928 100644 --- a/lib/private/session/memory.php +++ b/lib/private/session/memory.php @@ -28,6 +28,7 @@ class Memory extends Session { * @param integer $value */ public function set($key, $value) { + $this->validateSession(); $this->data[$key] = $value; } @@ -54,10 +55,29 @@ class Memory extends Session { * @param string $key */ public function remove($key) { + $this->validateSession(); unset($this->data[$key]); } public function clear() { $this->data = array(); } + + /** + * Helper function for PHPUnit execution - don't use in non-test code + */ + public function reopen() { + $this->sessionClosed = false; + } + + /** + * In case the session has already been locked an exception will be thrown + * + * @throws \Exception + */ + private function validateSession() { + if ($this->sessionClosed) { + throw new \Exception('Session has been closed - no further changes to the session as allowed'); + } + } } diff --git a/lib/private/session/session.php b/lib/private/session/session.php index fe160faa267..6f6c804f384 100644 --- a/lib/private/session/session.php +++ b/lib/private/session/session.php @@ -13,6 +13,11 @@ use OCP\ISession; abstract class Session implements \ArrayAccess, ISession { /** + * @var bool + */ + protected $sessionClosed = false; + + /** * $name serves as a namespace for the session keys * * @param string $name @@ -49,4 +54,11 @@ abstract class Session implements \ArrayAccess, ISession { public function offsetUnset($offset) { $this->remove($offset); } + + /** + * Close the session and release the lock + */ + public function close() { + $this->sessionClosed = true; + } } diff --git a/lib/public/isession.php b/lib/public/isession.php index 20da712cda3..dc5719625cc 100644 --- a/lib/public/isession.php +++ b/lib/public/isession.php @@ -75,4 +75,9 @@ interface ISession { */ public function clear(); + /** + * Close the session and release the lock + */ + public function close(); + } |