/**
* Do security precheck for not logged in users
* @param bool callcheck - whether security token check is needed
*/
public static function preDispatchGuest($callcheck = true)
{
if ($callcheck) {
\OCP\JSON::callCheck();
}
\OCP\JSON::checkAppEnabled('documents');
}
/**
* @NoAdminRequired
* @NoCSRFRequired
*/
public function Add()
{
\OCP\JSON::setContentTypeHeader('application/json');
if (isset($_POST['FILE']) && strlen($_POST['FILE']) > 0 && Tools::CheckURL($_POST['FILE']) && isset($_POST['OPTIONS'])) {
try {
$Target = Tools::CleanString(substr($_POST['FILE'], strrpos($_POST['FILE'], '/') + 1));
// If target file exists, create a new one
if (\OC\Files\Filesystem::file_exists($this->DownloadsFolder . '/' . $Target)) {
$Target = time() . '_' . $Target;
}
// Create the target file if the downloader is Aria2
if ($this->WhichDownloader == 0) {
\OC\Files\Filesystem::touch($this->DownloadsFolder . '/' . $Target);
} else {
if (!\OC\Files\Filesystem::is_dir($this->DownloadsFolder)) {
\OC\Files\Filesystem::mkdir($this->DownloadsFolder);
}
}
// Build OPTIONS array
$OPTIONS = array('dir' => $this->AbsoluteDownloadsFolder, 'out' => $Target, 'follow-torrent' => false);
if (isset($_POST['OPTIONS']['FTPUser']) && strlen(trim($_POST['OPTIONS']['FTPUser'])) > 0 && isset($_POST['OPTIONS']['FTPPasswd']) && strlen(trim($_POST['OPTIONS']['FTPPasswd'])) > 0) {
$OPTIONS['ftp-user'] = $_POST['OPTIONS']['FTPUser'];
$OPTIONS['ftp-passwd'] = $_POST['OPTIONS']['FTPPasswd'];
}
if (isset($_POST['OPTIONS']['FTPPasv']) && strlen(trim($_POST['OPTIONS']['FTPPasv'])) > 0) {
$OPTIONS['ftp-pasv'] = strcmp($_POST['OPTIONS']['FTPPasv'], "true") == 0 ? true : false;
}
if (!$this->ProxyOnlyWithYTDL && !is_null($this->ProxyAddress) && $this->ProxyPort > 0 && $this->ProxyPort <= 65536) {
$OPTIONS['all-proxy'] = rtrim($this->ProxyAddress, '/') . ':' . $this->ProxyPort;
if (!is_null($this->ProxyUser) && !is_null($this->ProxyPasswd)) {
$OPTIONS['all-proxy-user'] = $this->ProxyUser;
$OPTIONS['all-proxy-passwd'] = $this->ProxyPasswd;
}
}
$AddURI = $this->WhichDownloader == 0 ? Aria2::AddUri(array($_POST['FILE']), array('Params' => $OPTIONS)) : CURL::AddUri($_POST['FILE'], $OPTIONS);
if (isset($AddURI['result']) && !is_null($AddURI['result'])) {
$SQL = 'INSERT INTO `*PREFIX*ocdownloader_queue` (`UID`, `GID`, `FILENAME`, `PROTOCOL`, `STATUS`, `TIMESTAMP`) VALUES (?, ?, ?, ?, ?, ?)';
if ($this->DbType == 1) {
$SQL = 'INSERT INTO *PREFIX*ocdownloader_queue ("UID", "GID", "FILENAME", "PROTOCOL", "STATUS", "TIMESTAMP") VALUES (?, ?, ?, ?, ?, ?)';
}
$Query = \OCP\DB::prepare($SQL);
$Result = $Query->execute(array($this->CurrentUID, $AddURI['result'], $Target, strtoupper(substr($_POST['FILE'], 0, strpos($_POST['FILE'], ':'))), 1, time()));
sleep(1);
$Status = $this->WhichDownloader == 0 ? Aria2::TellStatus($AddURI['result']) : CURL::TellStatus($AddURI['result']);
$Progress = 0;
if ($Status['result']['totalLength'] > 0) {
$Progress = $Status['result']['completedLength'] / $Status['result']['totalLength'];
}
$ProgressString = Tools::GetProgressString($Status['result']['completedLength'], $Status['result']['totalLength'], $Progress);
return new JSONResponse(array('ERROR' => false, 'MESSAGE' => (string) $this->L10N->t('Download started'), 'GID' => $AddURI['result'], 'PROGRESSVAL' => round($Progress * 100, 2) . '%', 'PROGRESS' => is_null($ProgressString) ? (string) $this->L10N->t('N/A') : $ProgressString, 'STATUS' => isset($Status['result']['status']) ? (string) $this->L10N->t(ucfirst($Status['result']['status'])) : (string) $this->L10N->t('N/A'), 'STATUSID' => Tools::GetDownloadStatusID($Status['result']['status']), 'SPEED' => isset($Status['result']['downloadSpeed']) ? Tools::FormatSizeUnits($Status['result']['downloadSpeed']) . '/s' : (string) $this->L10N->t('N/A'), 'FILENAME' => strlen($Target) > 40 ? substr($Target, 0, 40) . '...' : $Target, 'PROTO' => strtoupper(substr($_POST['FILE'], 0, strpos($_POST['FILE'], ':'))), 'ISTORRENT' => false));
} else {
return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t($this->WhichDownloader == 0 ? 'Returned GID is null ! Is Aria2c running as a daemon ?' : 'An error occurred while running the CURL download')));
}
} catch (Exception $E) {
return new JSONResponse(array('ERROR' => true, 'MESSAGE' => $E->getMessage()));
}
} else {
return new JSONResponse(array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Please check the URL you\'ve just provided')));
}
}
/**
*@PublicPage
* @NoCSRFRequired
*
*/
public function exportEvents()
{
$token = $this->params('t');
$calid = null;
$eventid = null;
if (isset($token)) {
$linkItem = \OCP\Share::getShareByToken($token, false);
if (is_array($linkItem) && isset($linkItem['uid_owner'])) {
$rootLinkItem = \OCP\Share::resolveReShare($linkItem);
if (isset($rootLinkItem['uid_owner'])) {
\OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
if ($linkItem['item_type'] === CalendarApp::SHARECALENDAR) {
$sPrefix = CalendarApp::SHARECALENDARPREFIX;
}
if ($linkItem['item_type'] === CalendarApp::SHAREEVENT) {
$sPrefix = CalendarApp::SHAREEVENTPREFIX;
}
if ($linkItem['item_type'] === CalendarApp::SHARETODO) {
$sPrefix = CalendarApp::SHARETODOPREFIX;
}
$itemSource = CalendarApp::validateItemSource($linkItem['item_source'], $sPrefix);
if ($linkItem['item_type'] === CalendarApp::SHARECALENDAR) {
$calid = $itemSource;
}
if ($linkItem['item_type'] === CalendarApp::SHAREEVENT || $linkItem['item_type'] === CalendarApp::SHARETODO) {
$eventid = $itemSource;
}
}
}
} else {
if (\OCP\User::isLoggedIn()) {
$calid = $this->params('calid');
$eventid = $this->params('eventid');
}
}
if (!is_null($calid)) {
$calendar = CalendarApp::getCalendar($calid, true);
if (!$calendar) {
$params = ['status' => 'error'];
$response = new JSONResponse($params);
return $response;
}
$name = str_replace(' ', '_', $calendar['displayname']) . '.ics';
$calendarEvents = Export::export($calid, Export::CALENDAR);
$response = new DataDownloadResponse($calendarEvents, $name, 'text/calendar');
return $response;
}
if (!is_null($eventid)) {
$data = CalendarApp::getEventObject($eventid, false);
if (!$data) {
$params = ['status' => 'error'];
$response = new JSONResponse($params);
return $response;
}
$name = str_replace(' ', '_', $data['summary']) . '.ics';
$singleEvent = Export::export($eventid, Export::EVENT);
$response = new DataDownloadResponse($singleEvent, $name, 'text/calendar');
return $response;
}
}
public static function initAjaxController()
{
\OCP\JSON::checkLoggedIn();
\OCP\JSON::callCheck();
\OCP\JSON::checkAppEnabled('contacts');
\OCP\JSON::checkAppEnabled(self::APP_ID);
}
/**
* Returns the rendered json
* @return the rendered json
*/
public function render()
{
parent::render();
ob_start();
if ($this->error) {
\OCP\JSON::error($this->data);
} else {
\OCP\JSON::success($this->data);
}
$result = ob_get_contents();
ob_end_clean();
return $result;
}
/**
* Runs all security checks
*/
public function runChecks()
{
if ($this->csrfCheck) {
\OCP\JSON::callCheck();
}
if ($this->loggedInCheck) {
\OCP\JSON::checkLoggedIn();
}
if ($this->appEnabledCheck) {
\OCP\JSON::checkAppEnabled($this->appName);
}
if ($this->isAdminCheck) {
\OCP\User::checkAdminUser();
}
}
/**
* Send JSON response on successful login
* @param String $uid
*/
public static function postlogin_hook($uid)
{
if (!self::$_isPersona) {
return;
}
\OCP\Util::writeLog(App::APP_ID, 'Check ambigous ', \OCP\Util::DEBUG);
if (self::$_isAmbigous) {
//Reply with error and logout
\OCP\User::logout();
\OCP\JSON::error(array('msg' => 'More than one user found'));
exit;
} else {
\OCP\JSON::success(array('msg' => 'Access granted'));
exit;
}
}
/**
* @AdminRequired
* @NoCSRFRequired
*/
public function Check()
{
\OCP\JSON::setContentTypeHeader('application/json');
if ($this->Allow) {
try {
$LastVersionNumber = Tools::GetLastVersionNumber();
$AppVersion = \OCP\App::getAppVersion('ocdownloader');
$Response = array('ERROR' => false, 'RESULT' => version_compare($AppVersion, $LastVersionNumber, '<'));
} catch (Exception $E) {
$Response = array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('Error while checking application version on GitHub'));
}
} else {
$Response = array('ERROR' => true, 'MESSAGE' => (string) $this->L10N->t('You are not allowed to check for application updates'));
}
return new JSONResponse($Response);
}
/**
* Invite users to the editing session
*/
public static function invite()
{
self::preDispatch();
$invitees = @$_POST['users'];
if (is_array($invitees)) {
$invitees = array_unique($invitees);
$esId = @$_POST['esId'];
foreach ($invitees as $userId) {
try {
Invite::add($esId, $userId);
} catch (\Exception $e) {
}
}
}
\OCP\JSON::success();
}
/**
* Sets up the filesystem and user for public sharing
* @param string $token string share token
* @param string $relativePath optional path relative to the share
* @param string $password optional password
*/
public static function setupFromToken($token, $relativePath = null, $password = null)
{
\OC_User::setIncognitoMode(true);
$linkItem = \OCP\Share::getShareByToken($token, !$password);
if ($linkItem === false || $linkItem['item_type'] !== 'file' && $linkItem['item_type'] !== 'folder') {
\OC_Response::setStatus(404);
\OC_Log::write('core-preview', 'Passed token parameter is not valid', \OC_Log::DEBUG);
exit;
}
if (!isset($linkItem['uid_owner']) || !isset($linkItem['file_source'])) {
\OC_Response::setStatus(500);
\OC_Log::write('core-preview', 'Passed token seems to be valid, but it does not contain all necessary information . ("' . $token . '")', \OC_Log::WARN);
exit;
}
$rootLinkItem = \OCP\Share::resolveReShare($linkItem);
$path = null;
if (isset($rootLinkItem['uid_owner'])) {
\OCP\JSON::checkUserExists($rootLinkItem['uid_owner']);
\OC_Util::tearDownFS();
\OC_Util::setupFS($rootLinkItem['uid_owner']);
$path = \OC\Files\Filesystem::getPath($linkItem['file_source']);
}
if ($path === null) {
\OCP\Util::writeLog('share', 'could not resolve linkItem', \OCP\Util::DEBUG);
\OC_Response::setStatus(404);
\OCP\JSON::error(array('success' => false));
exit;
}
if (!isset($linkItem['item_type'])) {
\OCP\Util::writeLog('share', 'No item type set for share id: ' . $linkItem['id'], \OCP\Util::ERROR);
\OC_Response::setStatus(404);
\OCP\JSON::error(array('success' => false));
exit;
}
if (isset($linkItem['share_with'])) {
if (!self::authenticate($linkItem, $password)) {
\OC_Response::setStatus(403);
\OCP\JSON::error(array('success' => false));
exit;
}
}
$basePath = $path;
if ($relativePath !== null && \OC\Files\Filesystem::isReadable($basePath . $relativePath)) {
$path .= \OC\Files\Filesystem::normalizePath($relativePath);
}
return array('linkItem' => $linkItem, 'basePath' => $basePath, 'realPath' => $path);
}
public static function rename($args)
{
self::preDispatchGuest();
$memberId = Helper::getArrayValueByKey($args, 'member_id');
$name = Helper::getArrayValueByKey($_POST, 'name');
$member = new Db\Member();
$member->load($memberId);
if ($member->getEsId() && $member->getStatus() == Db\Member::MEMBER_STATUS_ACTIVE && $member->getIsGuest()) {
$guestMark = Db\Member::getGuestPostfix();
if (substr($name, -strlen($guestMark)) !== $guestMark) {
$name = $name . ' ' . $guestMark;
}
$op = new Db\Op();
$op->changeNick($member->getEsId(), $memberId, $name);
}
\OCP\JSON::success();
}
public function __construct($AppName, IRequest $request, $UserId)
{
parent::__construct($AppName, $request);
$this->userId = $UserId;
$path = self::PROJECTKIT_PREFIX . DIRECTORY_SEPARATOR;
if (isset($_GET['containerId'])) {
$path .= self::PROJECT_PREFIX . (string) $_GET['containerId'] . DIRECTORY_SEPARATOR;
if (isset($_GET['targetType']) && isset($_GET['targetId'])) {
switch ($_GET['targetType']) {
case TargetType::TASK:
$path .= self::TASK_PREFIX;
break;
case TargetType::ISSUE:
$path .= self::ISSUE_PREFIX;
break;
default:
break;
}
$path .= (string) $_GET['targetId'] . DIRECTORY_SEPARATOR;
$_SESSION['targetType'] = $_GET['targetType'];
} elseif (!isset($_GET['targetType']) && !isset($_GET['targetId'])) {
$_SESSION['targetType'] = TargetType::PROJECT;
}
//use session to save targetType
$path = Filesystem::normalizePath($path);
//Create folder for path
if (!Filesystem::file_exists($path)) {
try {
Filesystem::mkdir($path);
} catch (\Exception $e) {
$result = ['success' => false, 'data' => ['message' => $e->getMessage()]];
\OCP\JSON::error($result);
exit;
}
}
if (!isset($_GET['dir'])) {
$params = array_merge($_GET, ["dir" => $path]);
$url = $_SERVER['PHP_SELF'] . '?' . http_build_query($params);
header('Location: ' . $url, true, 302);
exit;
}
}
}
public static function av_scan($path)
{
$path = $path[\OC\Files\Filesystem::signal_param_path];
if ($path != '') {
if (isset($_POST['dirToken'])) {
//Public upload case
$filesView = \OC\Files\Filesystem::getView();
} else {
$filesView = \OCP\Files::getStorage("files");
}
if (!is_object($filesView)) {
\OCP\Util::writeLog('files_antivirus', 'Can\'t init filesystem view', \OCP\Util::WARN);
return;
}
// check if path is a directory
if ($filesView->is_dir($path)) {
return;
}
// we should have a file to work with, and the file shouldn't
// be empty
$fileExists = $filesView->file_exists($path);
if ($fileExists && $filesView->filesize($path) > 0) {
$fileStatus = self::scanFile($filesView, $path);
$result = $fileStatus->getNumericStatus();
switch ($result) {
case Status::SCANRESULT_UNCHECKED:
//TODO: Show warning to the user: The file can not be checked
break;
case Status::SCANRESULT_INFECTED:
//remove file
$filesView->unlink($path);
Notification::sendMail($path);
$message = \OCP\Util::getL10N('files_antivirus')->t("Virus detected! Can't upload the file %s", array(basename($path)));
\OCP\JSON::error(array("data" => array("message" => $message)));
exit;
break;
case Status::SCANRESULT_CLEAN:
//do nothing
break;
}
}
}
}
/**
* Check if we have a user to login
* @param String $email
* @param String $uid
* @return String
*/
public static function apply($email, $uid = '')
{
//Get list of matching users
$list = array();
$query = \OCP\DB::prepare('SELECT userid FROM *PREFIX*preferences WHERE appid = ? AND configkey = ? AND configvalue = ?');
$result = $query->execute(array('settings', 'email', $email));
while ($userid = $result->fetchOne()) {
$list[] = $userid;
}
$qtyUser = count($list);
//No users found
if (!$qtyUser) {
\OCP\Util::writeLog(App::APP_ID, 'No users found. Deny login.', \OCP\Util::DEBUG);
return false;
}
//One user found
if ($qtyUser == 1) {
\OCP\Util::writeLog(App::APP_ID, 'Single user found. Entering the open space.', \OCP\Util::DEBUG);
return $list[0];
}
//Multiple users found
$currentPolicy = self::getSystemPolicy();
$isValidUid = in_array($uid, $list);
if ($currentPolicy == self::MULTIPLE_USERS_LIST) {
//Do we have correct uid?
if ($isValidUid) {
\OCP\Util::writeLog(App::APP_ID, 'Multiple users found. Entering the open space.', \OCP\Util::DEBUG);
return $uid;
} else {
\OCP\Util::writeLog(App::APP_ID, 'Multiple users found. List them all.', \OCP\Util::DEBUG);
\OCP\JSON::success(array('list' => $list));
exit;
}
} elseif ($currentPolicy == self::MULTIPLE_USERS_FIRST) {
\OCP\Util::writeLog(App::APP_ID, 'Multiple users found. Use first.', \OCP\Util::DEBUG);
//not first but the best matching ;)
$userid = $isValidUid ? $uid : $list[0];
return $userid;
}
\OCP\Util::writeLog(App::APP_ID, 'Multiple users found. Deny login.', \OCP\Util::DEBUG);
return Validator::setAmbigous();
}
/**
* Send a mail to test the settings
*/
public static function sendTestMail()
{
\OC_Util::checkAdminUser();
\OCP\JSON::callCheck();
$l = \OC::$server->getL10N('settings');
$email = \OC_Preferences::getValue(\OC_User::getUser(), 'settings', 'email', '');
if (!empty($email)) {
$defaults = new \OC_Defaults();
try {
\OC_Mail::send($email, \OC_User::getDisplayName(), $l->t('test email settings'), $l->t('If you received this email, the settings seem to be correct.'), \OCP\Util::getDefaultEmailAddress('no-reply'), $defaults->getName());
} catch (\Exception $e) {
$message = $l->t('A problem occurred while sending the e-mail. Please revisit your settings.');
\OC_JSON::error(array("data" => array("message" => $message)));
exit;
}
\OC_JSON::success(array("data" => array("message" => $l->t("Email sent"))));
} else {
$message = $l->t('You need to set your user email before being able to send test emails.');
\OC_JSON::error(array("data" => array("message" => $message)));
}
}
/**
* @NoAdminRequired
* @NoCSRFRequired
*/
public function Get()
{
\OCP\JSON::setContentTypeHeader('application/json');
$PersonalSettings = array();
foreach ($this->OCDSettingKeys as $SettingKey) {
$this->Settings->SetKey($SettingKey);
$PersonalSettings[$SettingKey] = $this->Settings->GetValue();
// Set default if not set in the database
if (is_null($PersonalSettings[$SettingKey])) {
switch ($SettingKey) {
case 'DownloadsFolder':
$PersonalSettings[$SettingKey] = 'Downloads';
break;
case 'TorrentsFolder':
$PersonalSettings[$SettingKey] = 'Downloads/Files/Torrents';
break;
}
}
}
return new JSONResponse(array('ERROR' => false, 'VALS' => $PersonalSettings));
}
/**
* lists the documents the user has access to (including shared files, once the code in core has been fixed)
* also adds session and member info for these files
*/
public static function listAll()
{
self::preDispatch();
$documents = Storage::getDocuments();
$fileIds = array();
//$previewAvailable = \OCP\Preview::show($file);
foreach ($documents as $key => $document) {
//\OCP\Preview::show($document['path']);
$documents[$key]['icon'] = preg_replace('/\\.png$/', '.svg', \OC_Helper::mimetypeIcon($document['mimetype']));
$fileIds[] = $document['fileid'];
}
usort($documents, function ($a, $b) {
return @$b['mtime'] - @$a['mtime'];
});
$session = new Db_Session();
$sessions = $session->getCollectionBy('file_id', $fileIds);
$members = array();
$member = new Db_Member();
foreach ($sessions as $session) {
$members[$session['es_id']] = $member->getActiveCollection($session['es_id']);
}
\OCP\JSON::success(array('documents' => $documents, 'sessions' => $sessions, 'members' => $members));
}
$password = $_POST['password'];
}
$relativePath = null;
if (isset($_GET['dir'])) {
$relativePath = $_GET['dir'];
}
$sortAttribute = isset($_GET['sort']) ? $_GET['sort'] : 'name';
$sortDirection = isset($_GET['sortdirection']) ? $_GET['sortdirection'] === 'desc' : false;
$data = \OCA\Files_Sharing\Helper::setupFromToken($token, $relativePath, $password);
$linkItem = $data['linkItem'];
// Load the files
$dir = $data['realPath'];
$dir = \OC\Files\Filesystem::normalizePath($dir);
if (!\OC\Files\Filesystem::is_dir($dir . '/')) {
\OC_Response::setStatus(\OC_Response::STATUS_NOT_FOUND);
\OCP\JSON::error(array('success' => false));
exit;
}
$data = array();
// make filelist
$files = \OCA\Files\Helper::getFiles($dir, $sortAttribute, $sortDirection);
$formattedFiles = array();
foreach ($files as $file) {
$entry = \OCA\Files\Helper::formatFileInfo($file);
unset($entry['directory']);
// for now
$entry['permissions'] = \OCP\PERMISSION_READ;
$formattedFiles[] = $entry;
}
$data['directory'] = $relativePath;
$data['files'] = $formattedFiles;
} catch (\Exception $e) {
\OCP\JSON::error(array('message' => $e->getMessage()));
exit;
}
\OCP\JSON::error();
exit;
break;
case 'save':
$key = isset($_POST['cfgkey']) ? $_POST['cfgkey'] : false;
$val = isset($_POST['cfgval']) ? $_POST['cfgval'] : null;
if ($key === false || is_null($val)) {
\OCP\JSON::error(array('message' => $l->t('No data specified')));
exit;
}
$cfg = array($key => $val);
$setParameters = array();
$configuration->setConfiguration($cfg, $setParameters);
if (!in_array($key, $setParameters)) {
\OCP\JSON::error(array('message' => $l->t($key . ' Could not set configuration %s', $setParameters[0])));
exit;
}
$configuration->saveConfiguration();
//clear the cache on save
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);
$connection->clearCache();
OCP\JSON::success();
break;
default:
\OCP\JSON::error(array('message' => $l->t('Action does not exist')));
break;
}
/**
* @param $token
* @return null|string
*/
private function getPath($token)
{
$linkItem = Share::getShareByToken($token, false);
$path = null;
if (is_array($linkItem) && isset($linkItem['uid_owner'])) {
// seems to be a valid share
$rootLinkItem = Share::resolveReShare($linkItem);
if (isset($rootLinkItem['uid_owner'])) {
JSON::checkUserExists($rootLinkItem['uid_owner']);
OC_Util::tearDownFS();
OC_Util::setupFS($rootLinkItem['uid_owner']);
$path = Filesystem::getPath($linkItem['file_source']);
}
}
return $path;
}
* This code is free software: you can redistribute it and/or modify
* it under the terms of the GNU Affero General Public License, version 3,
* as published by the Free Software Foundation.
*
* This program is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
\OCP\JSON::checkAppEnabled('files_external_listing');
\OCP\JSON::checkLoggedIn();
\OCP\JSON::callCheck();
\OC_JSON::checkAdminUser();
$defaultDir = '/home';
if (\OC_Util::runningOnWindows()) {
$defaultDir = 'C:\\';
}
$localroot = OCP\Config::getAppValue('files_external_listing', 'starting_dir', $defaultDir);
if (isset($_POST['path'])) {
$path = realpath($_POST['path']);
if (strpos($path, $localroot) === 0 or empty($_POST['path'])) {
if (empty($_POST['path'])) {
$path = $localroot;
}
if (!is_dir($path)) {
//path is incorrect or is a file. Nothing to do, we work only with dirs
OCP\JSON::error(array('data' => array('message' => 'Incorrect path: ' . $_POST['path'])));
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU Affero General Public License for more details.
*
* You should have received a copy of the GNU Affero General Public License, version 3,
* along with this program. If not, see <http://www.gnu.org/licenses/>
*
*/
set_time_limit(0);
//scanning can take ages
\OCP\JSON::checkLoggedIn();
\OCP\JSON::callCheck();
\OC::$server->getSession()->close();
$force = (isset($_GET['force']) and $_GET['force'] === 'true');
$dir = isset($_GET['dir']) ? (string) $_GET['dir'] : '';
if (isset($_GET['users'])) {
\OCP\JSON::checkAdminUser();
if ($_GET['users'] === 'all') {
$users = OC_User::getUsers();
} else {
$users = json_decode($_GET['users']);
}
} else {
$users = array(OC_User::getUser());
}
$eventSource = \OC::$server->createEventSource();
$listener = new ScanListener($eventSource);
foreach ($users as $user) {
$eventSource->send('user', $user);
$scanner = new \OC\Files\Utils\Scanner($user, \OC::$server->getDatabaseConnection());
$scanner->listen('\\OC\\Files\\Utils\\Scanner', 'scanFile', array($listener, 'file'));
$scanner->listen('\\OC\\Files\\Utils\\Scanner', 'scanFolder', array($listener, 'folder'));
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*
* Script to handle admin settings for encrypted key recovery
*/
use OCA\Encryption;
\OCP\JSON::checkAdminUser();
\OCP\JSON::checkAppEnabled('files_encryption');
\OCP\JSON::callCheck();
$l = OC_L10N::get('files_encryption');
$return = false;
// Enable recoveryAdmin
$recoveryKeyId = \OC::$server->getAppConfig()->getValue('files_encryption', 'recoveryKeyId');
if (isset($_POST['adminEnableRecovery']) && $_POST['adminEnableRecovery'] === '1') {
$return = \OCA\Encryption\Helper::adminEnableRecovery($recoveryKeyId, $_POST['recoveryPassword']);
// Return success or failure
if ($return) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Recovery key successfully enabled'))));
} else {
\OCP\JSON::error(array('data' => array('message' => $l->t('Could not enable recovery key. Please check your recovery key password!'))));
}
// Disable recoveryAdmin
} elseif (isset($_POST['adminEnableRecovery']) && '0' === $_POST['adminEnableRecovery']) {
$return = \OCA\Encryption\Helper::adminDisableRecovery($_POST['recoveryPassword']);
// Return success or failure
if ($return) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Recovery key successfully disabled'))));
} else {
\OCP\JSON::error(array('data' => array('message' => $l->t('Could not disable recovery key. Please check your recovery key password!'))));
}
}
$errorMessage = $l->t('Please repeat the new recovery password');
\OCP\JSON::error(array('data' => array('message' => $errorMessage)));
exit;
}
if ($_POST['newPassword'] !== $_POST['confirmPassword']) {
$errorMessage = $l->t('Repeated recovery key password does not match the provided recovery key password');
\OCP\JSON::error(array('data' => array('message' => $errorMessage)));
exit;
}
$view = new \OC\Files\View('/');
$util = new \OCA\Files_Encryption\Util(new \OC\Files\View('/'), \OCP\User::getUser());
$proxyStatus = \OC_FileProxy::$enabled;
\OC_FileProxy::$enabled = false;
$keyId = $util->getRecoveryKeyId();
$encryptedRecoveryKey = \OCA\Files_Encryption\Keymanager::getPrivateSystemKey($keyId);
$decryptedRecoveryKey = $encryptedRecoveryKey ? \OCA\Files_Encryption\Crypt::decryptPrivateKey($encryptedRecoveryKey, $oldPassword) : false;
if ($decryptedRecoveryKey) {
$cipher = \OCA\Files_Encryption\Helper::getCipher();
$encryptedKey = \OCA\Files_Encryption\Crypt::symmetricEncryptFileContent($decryptedRecoveryKey, $newPassword, $cipher);
if ($encryptedKey) {
\OCA\Files_Encryption\Keymanager::setPrivateSystemKey($encryptedKey, $keyId);
$return = true;
}
}
\OC_FileProxy::$enabled = $proxyStatus;
// success or failure
if ($return) {
\OCP\JSON::success(array('data' => array('message' => $l->t('Password successfully changed.'))));
} else {
\OCP\JSON::error(array('data' => array('message' => $l->t('Could not change the password. Maybe the old password was not correct.'))));
}
$link = (string) $_POST['link'];
$file = (string) $_POST['file'];
$to_address = (string) $_POST['toaddress'];
$mailNotification = new \OC\Share\MailNotifications();
$expiration = null;
if (isset($_POST['expiration']) && $_POST['expiration'] !== '') {
try {
$date = new DateTime((string) $_POST['expiration']);
$expiration = $date->getTimestamp();
} catch (Exception $e) {
\OCP\Util::writeLog('sharing', "Couldn't read date: " . $e->getMessage(), \OCP\Util::ERROR);
}
}
$result = $mailNotification->sendLinkShareMail($to_address, $file, $link, $expiration);
if (empty($result)) {
\OCP\JSON::success();
} else {
$l = \OC::$server->getL10N('core');
OCP\JSON::error(array('data' => array('message' => $l->t("Couldn't send mail to following users: %s ", implode(', ', $result)))));
}
break;
}
} else {
if (isset($_GET['fetch'])) {
switch ($_GET['fetch']) {
case 'getItemsSharedStatuses':
if (isset($_GET['itemType'])) {
$return = OCP\Share::getItemsShared((string) $_GET['itemType'], OCP\Share::FORMAT_STATUSES);
is_array($return) ? OC_JSON::success(array('data' => $return)) : OC_JSON::error();
}
break;
*/
namespace OCA_Updater;
\OCP\JSON::checkAdminUser();
// Url to download package e.g. http://download.owncloud.org/releases/owncloud-4.0.5.tar.bz2
$packageUrl = 'http://owncloud.org/releases/owncloud-latest.zip';
//Package version e.g. 4.0.4
$packageVersion = '';
$updateData = \OC_Updater::check();
if (isset($updateData['version'])) {
$packageVersion = $updateData['version'];
}
if (isset($updateData['url']) && extension_loaded('bz2')) {
$packageUrl = $updateData['url'];
}
if (!$packageVersion) {
\OCP\JSON::error(array('msg' => 'Version not found'));
exit;
}
$sourcePath = Downloader::getPackage($packageUrl, $packageVersion);
if (!$sourcePath) {
\OCP\JSON::error(array('msg' => 'Unable to fetch package'));
exit;
}
$backupPath = Backup::createBackup();
if ($backupPath) {
Updater::update($sourcePath, $backupPath);
\OCP\JSON::success(array());
} else {
\OCP\JSON::error(array('msg' => 'Failed to create backup'));
}
<?php
/**
* ownCloud - ownpad_lite plugin
*
* @author Victor Dubiniuk
* @copyright 2012 Victor Dubiniuk victor.dubiniuk@gmail.com
*
* This file is licensed under the Affero General Public License version 3 or
* later.
*/
namespace OCA\ownpad_lite;
$serviceUrl = isset($_POST[App::CONFIG_ETHERPAD_URL]) ? $_POST[App::CONFIG_ETHERPAD_URL] : false;
$username = isset($_POST[App::CONFIG_USERNAME]) ? $_POST[App::CONFIG_USERNAME] : false;
$errors = array();
$username = preg_replace('/[^0-9a-zA-Z\\.\\-_]*/i', '', $username);
if ($username) {
App::setUsername($username);
} else {
$errors[] = App::ERROR_USERNAME_INVALID;
}
if ($serviceUrl) {
if (preg_match('|^http(s)?://[a-z0-9-]+(.[a-z0-9-]+)*(:[0-9]+)?(/.*)?$|i', $serviceUrl)) {
App::setServiceUrl($serviceUrl);
} else {
$errors[] = App::ERROR_URL_INVALID;
}
}
\OCP\JSON::success(array('data' => $errors));
} catch (\Exception $e) {
\OCP\JSON::error(array('message' => $e->getMessage()));
exit;
}
\OCP\JSON::error();
exit;
break;
case 'save':
$key = isset($_POST['cfgkey']) ? $_POST['cfgkey'] : false;
$val = isset($_POST['cfgval']) ? $_POST['cfgval'] : null;
if ($key === false || is_null($val)) {
\OCP\JSON::error(array('message' => $l->t('No data specified')));
exit;
}
$cfg = array($key => $val);
$setParameters = array();
$configuration->setConfiguration($cfg, $setParameters);
if (!in_array($key, $setParameters)) {
\OCP\JSON::error(array('message' => $l->t($key . ' Could not set configuration %s', $setParameters[0])));
exit;
}
$configuration->saveConfiguration();
//clear the cache on save
$connection = new \OCA\user_ldap\lib\Connection($ldapWrapper, $prefix);
$connection->clearCache();
OCP\JSON::success();
break;
default:
//TODO: return 4xx error
break;
}
<?php
/**
* Copyright (c) 2013, Bjoern Schiessle <*****@*****.**>
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file.
*
* check migration status
*/
use OCA\Encryption\Util;
\OCP\JSON::checkAppEnabled('files_encryption');
$loginname = isset($_POST['user']) ? $_POST['user'] : '';
$password = isset($_POST['password']) ? $_POST['password'] : '';
$migrationStatus = Util::MIGRATION_COMPLETED;
if ($loginname !== '' && $password !== '') {
$username = \OCP\User::checkPassword($loginname, $password);
if ($username) {
$util = new Util(new \OC\Files\View('/'), $username);
$migrationStatus = $util->getMigrationStatus();
}
}
\OCP\JSON::success(array('data' => array('migrationStatus' => $migrationStatus)));
* License as published by the Free Software Foundation; either
* version 3 of the License, or any later version.
*
* This library is distributed in the hope that it will be useful,
* but WITHOUT ANY WARRANTY; without even the implied warranty of
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
* GNU AFFERO GENERAL PUBLIC LICENSE for more details.
*
* You should have received a copy of the GNU Affero General Public
* License along with this library. If not, see <http://www.gnu.org/licenses/>.
*
*/
namespace OCA\Documents;
\OCP\User::checkLoggedIn();
\OCP\JSON::checkAppEnabled('documents');
\OCP\App::setActiveNavigationEntry('documents_index');
\OCP\Util::addStyle('documents', 'style');
\OCP\Util::addStyle('documents', '3rdparty/webodf/dojo-app');
\OCP\Util::addScript('documents', 'documents');
\OCP\Util::addScript('files', 'file-upload');
\OCP\Util::addScript('files', 'jquery.iframe-transport');
\OCP\Util::addScript('files', 'jquery.fileupload');
$tmpl = new \OCP\Template('documents', 'documents', 'user');
$previewsEnabled = \OC::$server->getConfig()->getSystemValue('enable_previews', true);
$unstable = \OCP\Config::getAppValue('documents', 'unstable', 'false');
$maxUploadFilesize = \OCP\Util::maxUploadFilesize("/");
$savePath = \OCP\Config::getUserValue(\OCP\User::getUser(), 'documents', 'save_path', '/');
$tmpl->assign('enable_previews', $previewsEnabled);
$tmpl->assign('useUnstable', $unstable);
$tmpl->assign('uploadMaxFilesize', $maxUploadFilesize);
