Beispiel #1
 /**
  * Rebuild the RSS feed link from the given token.
  *
  * A truthy token produces the absolute URL of the 'activity.rss' route with
  * the token as its 'token' route parameter; a falsy token resets the link
  * to an empty string. The token becomes part of the generated link.
  *
  * @param string $rssToken
  */
 public function setRSSToken($rssToken)
 {
     if (!$rssToken) {
         $this->rssLink = '';
         return;
     }
     $feedRoute = $this->URLGenerator->linkToRoute('activity.rss', array('token' => $rssToken));
     $this->rssLink = $this->URLGenerator->getAbsoluteURL($feedRoute);
 }
 /**
  * Store the collaborators and derive the RSS feed link.
  *
  * The RSS link is the absolute URL of the 'activity.rss' route carrying the
  * token as its 'token' parameter, or an empty string when the token is falsy.
  *
  * @param \OC_L10N $l
  * @param \OCP\Activity\IManager $manager
  * @param \OCP\IURLGenerator $URLGenerator
  * @param string $rssToken
  * @param null|string $active Navigation entry that should be marked as active
  */
 public function __construct(\OC_L10N $l, IManager $manager, IURLGenerator $URLGenerator, $rssToken, $active = 'all')
 {
     $this->l = $l;
     $this->activityManager = $manager;
     $this->URLGenerator = $URLGenerator;
     $this->active = $active;
     // The token is embedded in the link itself, so an empty token means no feed link at all.
     $this->rssLink = $rssToken
         ? $this->URLGenerator->getAbsoluteURL($this->URLGenerator->linkToRoute('activity.rss', array('token' => $rssToken)))
         : '';
 }
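 /**
  * Ask the remote server for the shared secret and store it.
  *
  * Sends this server's base URL and the exchange token to the remote end
  * point. Any status other than 200 or 403 re-queues the job; 200 and 403
  * clear the stored token. On 200 the JSON body is expected to carry the
  * secret at ocs.data.sharedSecret.
  *
  * @param array $argument job arguments; reads the 'url' and 'token' keys
  */
 protected function run($argument)
 {
     $target = $argument['url'];
     $source = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
     $token = $argument['token'];
     // Stays null when the request fails, so the body is never read from an undefined variable.
     $result = null;
     try {
         // The token is sent as a query parameter of the GET request.
         $result = $this->httpClient->get($target . $this->endPoint, ['query' => ['url' => $source, 'token' => $token], 'timeout' => 3, 'connect_timeout' => 3]);
         $status = $result->getStatusCode();
     } catch (ClientException $e) {
         $status = $e->getCode();
         $this->logger->logException($e);
     } catch (\Exception $e) {
         // Any other failure (e.g. the connection could not be made) used to
         // abort the job without a retry; treat it as a retryable error instead.
         $status = Http::STATUS_INTERNAL_SERVER_ERROR;
         $this->logger->logException($e);
     }
     // if we received a unexpected response we try again later
     if ($status !== Http::STATUS_OK && $status !== Http::STATUS_FORBIDDEN) {
         $this->jobList->add('OCA\\Federation\\BackgroundJob\\GetSharedSecret', $argument);
     } else {
         // reset token if we received a valid response
         $this->dbHandler->addToken($target, '');
     }
     if ($status === Http::STATUS_OK && $result !== null) {
         $body = $result->getBody();
         $decoded = json_decode($body, true);
         // The body comes from the remote server: accept the secret only when
         // it is present and a non-empty string.
         $secret = isset($decoded['ocs']['data']['sharedSecret']) ? $decoded['ocs']['data']['sharedSecret'] : null;
         if (is_string($secret) && $secret !== '') {
             $this->trustedServers->addSharedSecret($target, $secret);
         } else {
             $this->logger->error('remote server "' . $target . '" does not return a valid shared secret', ['app' => 'federation']);
             $this->trustedServers->setServerStatus($target, TrustedServers::STATUS_FAILURE);
         }
     }
 }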
 /**
  * Ask the remote server to request a shared secret from this server.
  *
  * Posts this server's base URL and the exchange token to the remote end
  * point. Any status other than 200 or 403 re-queues the job; a 403 clears
  * the stored token for the target.
  *
  * @param array $argument job arguments; reads the 'url' and 'token' keys
  */
 protected function run($argument)
 {
     $target = $argument['url'];
     $source = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
     $token = $argument['token'];
     $options = ['body' => ['url' => $source, 'token' => $token], 'timeout' => 3, 'connect_timeout' => 3];
     try {
         $response = $this->httpClient->post($target . $this->endPoint, $options);
         $status = $response->getStatusCode();
     } catch (ClientException $e) {
         $status = $e->getCode();
         $this->logger->logException($e);
     } catch (\Exception $e) {
         // Every other failure is mapped to a 500 so that it is retried below.
         $status = Http::STATUS_INTERNAL_SERVER_ERROR;
         $this->logger->logException($e);
     }
     $refused = $status === Http::STATUS_FORBIDDEN;
     // if we received a unexpected response we try again later
     if (!$refused && $status !== Http::STATUS_OK) {
         $this->jobList->add('OCA\\Federation\\BackgroundJob\\RequestSharedSecret', $argument);
     }
     if ($refused) {
         // clear token if remote server refuses to ask for shared secret
         $this->dbHandler->addToken($target, '');
     }
 }
 /**
  * Send a notification to one user
  *
  * Does nothing when the user manager does not return an IUser for the
  * given name. Otherwise the queued items are rendered into the plain-text
  * 'email.notification' template of the 'activity' app and mailed.
  *
  * @param string $userName Username of the recipient
  * @param string $email Email address of the recipient
  * @param string $lang Selected language of the recipient
  * @param string $timezone Selected timezone of the recipient
  * @param int $maxTime
  */
 public function sendEmailToUser($userName, $email, $lang, $timezone, $maxTime)
 {
     $recipient = $this->userManager->get($userName);
     if (!$recipient instanceof IUser) {
         return;
     }
     list($queuedItems, $skippedCount) = $this->getItemsForUser($userName, $maxTime);
     $l = $this->getLanguage($lang);
     $this->dataHelper->setUser($userName);
     $this->dataHelper->setL10n($l);
     $rows = array();
     foreach ($queuedItems as $item) {
         // \DateTimeZone throws on an unknown timezone identifier.
         $when = $this->dateFormatter->formatDateTimeRelativeDay($item['amq_timestamp'], 'long', 'medium', new \DateTimeZone($timezone), $l);
         $subjectParams = $this->dataHelper->getParameters($item['amq_subjectparams']);
         $subjectLine = $this->dataHelper->translation($item['amq_appid'], $item['amq_subject'], $subjectParams);
         $rows[] = array($subjectLine, $when);
     }
     $template = new Template('activity', 'email.notification', '');
     $template->assign('username', $recipient->getDisplayName());
     $template->assign('activities', $rows);
     $template->assign('skippedCount', $skippedCount);
     $template->assign('owncloud_installation', $this->urlGenerator->getAbsoluteURL('/'));
     $template->assign('overwriteL10N', $l);
     $plainBody = $template->fetchPage();
     $message = $this->mailer->createMessage();
     $message->setTo([$email => $recipient->getDisplayName()]);
     $message->setSubject((string) $l->t('Activity notification'));
     // Only a plain-text body is set on the message.
     $message->setPlainBody($plainBody);
     $message->setFrom([$this->getSenderData('email') => $this->getSenderData('name')]);
     $this->mailer->send($message);
 }
 /**
  * Create a user, add it to the requested groups and optionally mail it.
  *
  * Responses: 422 for an invalid mail address, 409 when the name is taken,
  * 403 when creation fails, 201 with the formatted user on success.
  *
  * Callers that are not admins only keep the groups that
  * isGroupAccessible() accepts for them; this filter is the authorisation
  * boundary for group membership in this method.
  *
  * @NoAdminRequired
  *
  * @param string $username
  * @param string $password
  * @param array $groups
  * @param string $email
  * @return DataResponse
  */
 public function create($username, $password, array $groups = array(), $email = '')
 {
     // An address is optional, but when one is given it must validate before anything is created.
     if ($email !== '' && !$this->mail->validateAddress($email)) {
         return new DataResponse(array('message' => (string) $this->l10n->t('Invalid mail address')), Http::STATUS_UNPROCESSABLE_ENTITY);
     }
     if (!$this->isAdmin) {
         $userId = $this->userSession->getUser()->getUID();
         if (!empty($groups)) {
             // Drop every requested group the calling user may not access.
             foreach ($groups as $key => $group) {
                 if (!$this->subAdminFactory->isGroupAccessible($userId, $group)) {
                     unset($groups[$key]);
                 }
             }
         }
         if (empty($groups)) {
             // Nothing requested, or nothing left after filtering: fall back to
             // what getSubAdminsOfGroups() returns for the caller.
             // NOTE(review): presumably the groups the caller is sub-admin of — confirm.
             $groups = $this->subAdminFactory->getSubAdminsOfGroups($userId);
         }
     }
     if ($this->userManager->userExists($username)) {
         return new DataResponse(array('message' => (string) $this->l10n->t('A user with that name already exists.')), Http::STATUS_CONFLICT);
     }
     try {
         $user = $this->userManager->createUser($username, $password);
     } catch (\Exception $exception) {
         // The exception detail is not passed on to the client.
         return new DataResponse(array('message' => (string) $this->l10n->t('Unable to create user.')), Http::STATUS_FORBIDDEN);
     }
     if ($user instanceof User) {
         if ($groups !== null) {
             foreach ($groups as $groupName) {
                 $group = $this->groupManager->get($groupName);
                 // Groups that do not exist yet are created on the fly.
                 if (empty($group)) {
                     $group = $this->groupManager->createGroup($groupName);
                 }
                 $group->addUser($user);
             }
         }
         /**
          * Send new user mail only if a mail is set
          */
         if ($email !== '') {
             $this->config->setUserValue($username, 'settings', 'email', $email);
             // data for the mail template
             $mailData = array('username' => $username, 'url' => $this->urlGenerator->getAbsoluteURL('/'));
             $mail = new TemplateResponse('settings', 'email.new_user', $mailData, 'blank');
             $mailContent = $mail->render();
             $mail = new TemplateResponse('settings', 'email.new_user_plain_text', $mailData, 'blank');
             $plainTextMailContent = $mail->render();
             $subject = $this->l10n->t('Your %s account was created', [$this->defaults->getName()]);
             try {
                 $this->mail->send($email, $username, $subject, $mailContent, $this->fromMailAddress, $this->defaults->getName(), 1, $plainTextMailContent);
             } catch (\Exception $e) {
                 // A mail failure does not undo the user creation; it is only logged.
                 // The log entry contains the recipient address and the exception message.
                 $this->log->error("Can't send new user mail to {$email}: " . $e->getMessage(), array('app' => 'settings'));
             }
         }
         // fetch users groups
         $userGroups = $this->groupManager->getUserGroupIds($user);
         return new DataResponse($this->formatUserForIndex($user, $userGroups), Http::STATUS_CREATED);
     }
     // createUser() returned something that is not a User.
     return new DataResponse(array('message' => (string) $this->l10n->t('Unable to create user.')), Http::STATUS_FORBIDDEN);
 }
Beispiel #7
 /**
  * Build the rel="next" link value for the page after the current one.
  *
  * The base URL points at the sharees end point below ocs/v2.php or
  * ocs/v1.php, depending on isV2(). The query string is produced by
  * http_build_query(), which URL-encodes the parameters.
  *
  * @param int $page Current page
  * @param array $params Parameters for the URL
  * @return string
  */
 protected function getPaginationLink($page, array $params)
 {
     $endpoint = $this->isV2()
         ? '/ocs/v2.php/apps/files_sharing/api/v1/sharees'
         : '/ocs/v1.php/apps/files_sharing/api/v1/sharees';
     $base = $this->urlGenerator->getAbsoluteURL($endpoint) . '?';
     // The link always targets the page after the current one.
     $params['page'] = $page + 1;
     return '<' . $base . http_build_query($params) . '>; rel="next"';
 }
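 /**
  * Verify a two-factor challenge and redirect the user afterwards.
  *
  * An unknown provider redirects to the challenge selection. A failed
  * verification sets the 'two_factor_auth_error' session flag and redirects
  * back to the challenge page. A successful verification redirects to the
  * requested redirect_url, or to the files index when none is given or when
  * the resulting location contains an at-sign.
  *
  * @NoAdminRequired
  * @NoCSRFRequired
  * @UseSession
  *
  * @param string $challengeProviderId
  * @param string $challenge
  * @param string $redirect_url
  * @return RedirectResponse
  */
 public function solveChallenge($challengeProviderId, $challenge, $redirect_url = null)
 {
     $user = $this->userSession->getUser();
     $provider = $this->twoFactorManager->getProvider($user, $challengeProviderId);
     if (is_null($provider)) {
         return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge'));
     }
     if ($this->twoFactorManager->verifyChallenge($challengeProviderId, $user, $challenge)) {
         if (!is_null($redirect_url)) {
             $location = $this->urlGenerator->getAbsoluteURL(urldecode($redirect_url));
             // redirect_url is request-controlled. Deny the redirect if the
             // location contains a '@', so that the base URL cannot be turned
             // into the user-info part of a URL pointing at another host.
             if (strpos($location, '@') === false) {
                 return new RedirectResponse($location);
             }
         }
         return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index'));
     }
     $this->session->set('two_factor_auth_error', true);
     return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.showChallenge', ['challengeProviderId' => $provider->getId(), 'redirect_url' => $redirect_url]));
 }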
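 /**
  * create array with all vCard properties
  *
  * Each child property is stored under its name. A binary PHOTO is not
  * inlined; it is replaced by a 'VALUE=uri:' reference to the DAV end point
  * of this card with '?photo' appended. The system address book is marked
  * with 'isLocalSystemBook'.
  *
  * @param string $uri
  * @param VCard $vCard
  * @return array
  */
 protected function vCard2Array($uri, VCard $vCard)
 {
     $result = ['URI' => $uri];
     foreach ($vCard->children as $property) {
         // The value is read once, and only for properties that are actually
         // stored by value; a binary photo is replaced by a link instead.
         if ($property->name === 'PHOTO' && $property->getValueType() === 'BINARY') {
             $url = $this->urlGenerator->getAbsoluteURL($this->urlGenerator->linkTo('', 'remote.php') . '/dav/');
             // substr(..., 11) drops the first 11 characters of the principal URI
             // NOTE(review): presumably the 'principals/' prefix — confirm.
             $url .= implode('/', ['addressbooks', substr($this->addressBookInfo['principaluri'], 11), $this->addressBookInfo['uri'], $uri]) . '?photo';
             $result['PHOTO'] = 'VALUE=uri:' . $url;
         } else {
             $result[$property->name] = $property->getValue();
         }
     }
     if ($this->addressBookInfo['principaluri'] === 'principals/system/system' && $this->addressBookInfo['uri'] === 'system') {
         $result['isLocalSystemBook'] = true;
     }
     return $result;
 }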
 /**
  * Check the credentials, start the session and redirect the user.
  *
  * The login name is tried first; if that fails and exactly one account has
  * the given value as its email address, that account is tried as well. A
  * failed login redirects back to the login form, a login that needs a
  * second factor redirects to the challenge selection, and a completed
  * login redirects to redirect_url (if accepted) or to the files index.
  *
  * @PublicPage
  * @UseSession
  *
  * @param string $user
  * @param string $password
  * @param string $redirect_url
  * @return RedirectResponse
  */
 public function tryLogin($user, $password, $redirect_url)
 {
     // Keep what the client typed; $user may be replaced by a UID below.
     $originalUser = $user;
     // TODO: Add all the insane error handling
     /* @var $loginResult IUser */
     $loginResult = $this->userManager->checkPassword($user, $password);
     if ($loginResult === false) {
         $users = $this->userManager->getByEmail($user);
         // we only allow login by email if unique
         if (count($users) === 1) {
             $user = $users[0]->getUID();
             $loginResult = $this->userManager->checkPassword($user, $password);
         }
     }
     if ($loginResult === false) {
         $this->session->set('loginMessages', [['invalidpassword']]);
         // Read current user and append if possible - we need to return the unmodified user otherwise we will leak the login name
         $args = !is_null($user) ? ['user' => $originalUser] : [];
         return new RedirectResponse($this->urlGenerator->linkToRoute('core.login.showLoginForm', $args));
     }
     // TODO: remove password checks from above and let the user session handle failures
     // requires https://github.com/owncloud/core/pull/24616
     $this->userSession->login($user, $password);
     $this->userSession->createSessionToken($this->request, $loginResult->getUID(), $user, $password);
     // When a second factor is required, the redirect target is only carried
     // along as a route parameter; no redirect to it happens here.
     if ($this->twoFactorManager->isTwoFactorAuthenticated($loginResult)) {
         $this->twoFactorManager->prepareTwoFactorLogin($loginResult);
         if (!is_null($redirect_url)) {
             return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge', ['redirect_url' => $redirect_url]));
         }
         return new RedirectResponse($this->urlGenerator->linkToRoute('core.TwoFactorChallenge.selectChallenge'));
     }
     // redirect_url is request-controlled and is only followed for a logged-in session.
     if (!is_null($redirect_url) && $this->userSession->isLoggedIn()) {
         $location = $this->urlGenerator->getAbsoluteURL(urldecode($redirect_url));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         // NOTE(review): this is the only check on $location; confirm that
         // getAbsoluteURL() always prefixes this instance's base URL.
         if (strpos($location, '@') === false) {
             return new RedirectResponse($location);
         }
     }
     // Fallback for a missing or rejected redirect target.
     return new RedirectResponse($this->urlGenerator->linkToRoute('files.view.index'));
 }
Beispiel #11
 /**
  * Turn a SecurityException into a response; rethrow everything else.
  *
  * Requests whose Accept header does not mention 'html' get a JSON error
  * with the exception message and code. HTML requests are redirected to
  * index.php (with the requested URI as redirect_url) when the user is not
  * logged in, and get the 403 template otherwise.
  *
  * @param Controller $controller the controller that is being called
  * @param string $methodName the name of the method that will be called on
  *                           the controller
  * @param \Exception $exception the thrown exception
  * @throws \Exception the passed in exception if it cant handle it
  * @return Response the response built for the SecurityException
  */
 public function afterException($controller, $methodName, \Exception $exception)
 {
     if (!($exception instanceof SecurityException)) {
         throw $exception;
     }
     $acceptsHtml = stripos($this->request->getHeader('Accept'), 'html') !== false;
     if (!$acceptsHtml) {
         $response = new JSONResponse(array('message' => $exception->getMessage()), $exception->getCode());
     } elseif ($exception instanceof NotLoggedInException) {
         // TODO: replace with link to route
         // The requested URI is URL-encoded before it is appended as redirect_url.
         $loginUrl = $this->urlGenerator->getAbsoluteURL('index.php')
             . '?redirect_url=' . urlencode($this->request->server['REQUEST_URI']);
         $response = new RedirectResponse($loginUrl);
     } else {
         $response = new TemplateResponse('core', '403', ['file' => $exception->getMessage()], 'guest');
         $response->setStatus($exception->getCode());
     }
     $this->logger->debug($exception->getMessage());
     return $response;
 }
Beispiel #12
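 /**
  * Ask the remote server for the shared secret and store it.
  *
  * Sends this server's base URL and the exchange token to the remote end
  * point. Any status other than 200 or 403 marks the job to be retained;
  * 200 and 403 clear the stored token. On 200 the JSON body is expected to
  * carry the secret at ocs.data.sharedSecret.
  *
  * @param array $argument job arguments; reads the 'url' and 'token' keys
  */
 protected function run($argument)
 {
     $target = $argument['url'];
     $source = rtrim($this->urlGenerator->getAbsoluteURL('/'), '/');
     $token = $argument['token'];
     $result = null;
     try {
         // The token is sent as a query parameter of the GET request.
         $result = $this->httpClient->get($target . $this->endPoint, ['query' => ['url' => $source, 'token' => $token], 'timeout' => 3, 'connect_timeout' => 3]);
         $status = $result->getStatusCode();
     } catch (ClientException $e) {
         $status = $e->getCode();
         if ($status === Http::STATUS_FORBIDDEN) {
             // A refusal is an expected outcome and is logged without a stack trace.
             $this->logger->info($target . ' refused to exchange a shared secret with you.', ['app' => 'federation']);
         } else {
             $this->logger->logException($e, ['app' => 'federation']);
         }
     } catch (\Exception $e) {
         $status = Http::STATUS_INTERNAL_SERVER_ERROR;
         $this->logger->logException($e, ['app' => 'federation']);
     }
     // if we received a unexpected response we try again later
     if ($status !== Http::STATUS_OK && $status !== Http::STATUS_FORBIDDEN) {
         $this->retainJob = true;
     } else {
         // reset token if we received a valid response
         $this->dbHandler->addToken($target, '');
     }
     if ($status === Http::STATUS_OK && $result instanceof IResponse) {
         $body = $result->getBody();
         $decoded = json_decode($body, true);
         // The body comes from the remote server: accept the secret only when
         // it is present and a non-empty string.
         $secret = isset($decoded['ocs']['data']['sharedSecret']) ? $decoded['ocs']['data']['sharedSecret'] : null;
         if (is_string($secret) && $secret !== '') {
             $this->trustedServers->addSharedSecret($target, $secret);
         } else {
             $this->logger->error('remote server "' . $target . '" does not return a valid shared secret', ['app' => 'federation']);
             $this->trustedServers->setServerStatus($target, TrustedServers::STATUS_FAILURE);
         }
     }
 }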
Beispiel #13
 /**
  * get the federation cloud id
  *
  * The id is the user's UID, an at-sign, and this server's absolute base
  * URL passed through removeProtocolFromUrl() with trailing slashes removed.
  *
  * @return string
  * @since 9.0.0
  */
 public function getCloudId()
 {
     $localPart = $this->getUID();
     $baseUrl = $this->urlGenerator->getAbsoluteURL('/');
     $hostPart = rtrim($this->removeProtocolFromUrl($baseUrl), '/');
     return $localPart . '@' . $hostPart;
 }
 /**
  * generate remote URL part of federated ID
  *
  * Returns the absolute URL of '/' as produced by the URL generator.
  *
  * @return string url of the current server
  */
 public function generateRemoteURL()
 {
     return $this->urlGenerator->getAbsoluteURL('/');
 }