Exemple #1
	/**
	 * Abort the request with a JSON error payload unless a user session exists.
	 *
	 * When OC_User::isLoggedIn() is true the method simply returns. Otherwise
	 * it passes a translated "Authentication error" message to self::error()
	 * and terminates the script, so code after the call only runs for
	 * logged-in sessions.
	 */
	public static function checkLoggedIn() {
		if (OC_User::isLoggedIn()) {
			return;
		}

		$translator = OC_L10N::get('lib');
		$payload = array('data' => array('message' => $translator->t('Authentication error')));
		self::error($payload);
		// Terminate here: callers rely on this check being a hard stop.
		exit();
	}
Exemple #2
 /**
  * Stop the request with a JSON authentication error when nobody is logged in.
  *
  * The payload carries a translated message plus the machine-readable code
  * 'authentication_error'. The script exits after self::error() is called.
  *
  * @deprecated Use annotation based ACLs from the AppFramework instead
  */
 public static function checkLoggedIn()
 {
     if (OC_User::isLoggedIn()) {
         return;
     }
     $translator = \OC::$server->getL10N('lib');
     $details = array(
         'message' => $translator->t('Authentication error'),
         'error' => 'authentication_error',
     );
     self::error(array('data' => $details));
     // Hard stop so no protected code runs after the error was sent.
     exit;
 }
 /**
  * Require a logged-in user; otherwise emit a JSON error and end the script.
  *
  * The message is translated through the 'core' localisation catalogue.
  */
 public static function checkLoggedIn()
 {
     if (OC_User::isLoggedIn()) {
         return;
     }
     $translator = new OC_L10N('core');
     $message = $translator->t('Authentication error');
     self::error(array('data' => array('message' => $message)));
     // Nothing after this call may run for an anonymous request.
     exit;
 }
Exemple #4
 /**
  * Reject anonymous requests with HTTP 401 and a JSON authentication error.
  *
  * The status code is set before the error payload is produced, then the
  * script exits. Logged-in sessions pass through untouched.
  *
  * @deprecated Use annotation based ACLs from the AppFramework instead
  */
 public static function checkLoggedIn()
 {
     if (OC_User::isLoggedIn()) {
         return;
     }
     $translator = \OC::$server->getL10N('lib');
     // Signal the failure at the HTTP level as well, not only in the body.
     http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
     $details = array(
         'message' => $translator->t('Authentication error'),
         'error' => 'authentication_error',
     );
     self::error(array('data' => $details));
     exit;
 }
Exemple #5
 /**
  * Authenticate a WebDAV request, accepting an existing session first.
  *
  * Sync clients cache their authentication cookies to avoid HTTP-401
  * round trips. When OC_User::handleApacheAuth() or OC_User::isLoggedIn()
  * reports an authenticated session, the request is treated as authenticated
  * even without HTTP Basic Auth headers; otherwise the parent implementation
  * decides.
  *
  * Security note: on the session path this method performs no request-token
  * check of its own, so a browser session cookie alone is sufficient here.
  *
  * @return bool
  */
 public function authenticate(Sabre_DAV_Server $server, $realm)
 {
     $sessionAuthenticated = OC_User::handleApacheAuth() || OC_User::isLoggedIn();
     if (!$sessionAuthenticated) {
         return parent::authenticate($server, $realm);
     }
     // Bind the request to the session user and mount that user's files.
     $sessionUser = OC_User::getUser();
     OC_Util::setupFS($sessionUser);
     $this->currentUser = $sessionUser;
     return true;
 }
Exemple #6
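 /**
  * Returns the cache storage for the logged in user
  *
  * The view is created once and memoised in $this->storage. It is rooted at
  * "/<user>/cache", where <user> comes from \OC_User::getUser().
  *
  * @return \OC\Files\View cache storage
  * @throws \OC\ForbiddenException when no user is logged in
  */
 protected function getStorage()
 {
     if (isset($this->storage)) {
         return $this->storage;
     }
     if (!\OC_User::isLoggedIn()) {
         \OC_Log::write('core', 'Can\'t get cache storage, user not logged in', \OC_Log::ERROR);
         // Message fixed: the original literal rendered as "Can\t get ..."
         // because of a doubled backslash inside the single-quoted string.
         throw new \OC\ForbiddenException('Can\'t get cache storage, user not logged in');
     }
     \OC\Files\Filesystem::initMountPoints(\OC_User::getUser());
     $this->storage = new \OC\Files\View('/' . \OC_User::getUser() . '/cache');
     return $this->storage;
 }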
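 /**
  * Re-encrypt the logged-in user's encryption key under a new passcode.
  *
  * Reads "<datadirectory>/<user>/encryption.key", decrypts it with the
  * passcode held in $_SESSION['user_password'], encrypts it with
  * $newpasscode, writes it back and updates the session value. Does nothing
  * when no user is logged in.
  *
  * Fix: the original encrypted with the undefined variable $newpassword, so
  * the key was not protected by the passcode the caller supplied while the
  * session was updated as if it were.
  *
  * @param string $newpasscode passcode the key is re-encrypted with
  */
 public static function changekeypasscode($newpasscode)
 {
     if (!OC_User::isLoggedIn()) {
         return;
     }
     $username = OC_User::getUser();
     $keyPath = OC_Config::getValue("datadirectory") . '/' . $username . '/encryption.key';
     // read old key
     $key = file_get_contents($keyPath);
     if ($key === false) {
         // Unreadable key file: stop before anything is written, otherwise the
         // stored key would be replaced by the encryption of a failed read.
         return;
     }
     // decrypt key with old passcode
     $key = OC_Crypt::decrypt($key, $_SESSION['user_password']);
     // encrypt again with new passcode
     $key = OC_Crypt::encrypt($key, $newpasscode);
     // store the new key
     file_put_contents($keyPath, $key);
     $_SESSION['user_password'] = $newpasscode;
 }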
Exemple #8
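 /**
  * Validates a username and password
  *
  * Returns true when a session already exists or when
  * OC_User::login($username, $password) succeeds, false otherwise.
  *
  * Fix: on the existing-session path the original mounted the filesystem of
  * the user NAMED IN THE REQUEST although the credentials are not checked on
  * that path. The filesystem is now set up for the session user instead.
  *
  * NOTE(review): the supplied $username is still not compared with the
  * session user here; the caller presumably records $username as the current
  * principal - confirm that the two cannot diverge.
  *
  * @param string $username
  * @param string $password
  * @return bool
  */
 protected function validateUserPass($username, $password)
 {
     if (OC_User::isLoggedIn()) {
         // Trust the session identity, not the unverified request value.
         OC_Util::setupFS(OC_User::getUser());
         return true;
     }
     // login hooks may need early access to the filesystem
     OC_Util::setUpFS();
     if (OC_User::login($username, $password)) {
         OC_Util::setUpFS(OC_User::getUser());
         return true;
     }
     return false;
 }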
Exemple #9
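	/**
	 * Returns the cache storage for the logged in user
	 *
	 * The view is memoised in $this->storage. On first use the user's mount
	 * points are initialised and the "/<uid>/cache" folder is created when it
	 * does not exist yet.
	 *
	 * @return \OC\Files\View cache storage
	 * @throws \OC\ForbiddenException when no user is logged in
	 * @throws \OC\User\NoUserException
	 */
	protected function getStorage() {
		if (isset($this->storage)) {
			return $this->storage;
		}
		if (!\OC_User::isLoggedIn()) {
			\OCP\Util::writeLog('core', 'Can\'t get cache storage, user not logged in', \OCP\Util::ERROR);
			// Message fixed: the original literal lacked the apostrophe escape
			// and rendered as "Can\t get cache storage ...".
			throw new \OC\ForbiddenException('Can\'t get cache storage, user not logged in');
		}
		$rootView = new View();
		$user = \OC::$server->getUserSession()->getUser();
		$uid = $user->getUID();
		Filesystem::initMountPoints($uid);
		$cachePath = '/' . $uid . '/cache';
		if (!$rootView->file_exists($cachePath)) {
			$rootView->mkdir($cachePath);
		}
		$this->storage = new View($cachePath);
		return $this->storage;
	}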
Exemple #10
 /**
  * Return the per-user cache view, creating the "cache" folder if needed.
  *
  * The view is memoised in $this->storage. Without a logged-in user an error
  * is logged and false is returned, so callers must check the result before
  * using it as a view.
  *
  * @return OC_FilesystemView|false
  */
 protected function getStorage()
 {
     if (isset($this->storage)) {
         return $this->storage;
     }
     if (!OC_User::isLoggedIn()) {
         OC_Log::write('core', 'Can\'t get cache storage, user not logged in', OC_Log::ERROR);
         return false;
     }
     $cacheDir = 'cache';
     $userRoot = new OC_FilesystemView('/' . OC_User::getUser());
     if (!$userRoot->file_exists($cacheDir)) {
         $userRoot->mkdir($cacheDir);
     }
     $this->storage = new OC_FilesystemView('/' . OC_User::getUser() . '/' . $cacheDir);
     return $this->storage;
 }
 /**
  * Register the services of the 'gatekeeper' app in its container.
  *
  * Each service is registered as a factory closure that pulls its
  * dependencies from the container.
  *
  * @param array $urlParams forwarded unchanged to the parent constructor
  */
 public function __construct(array $urlParams = array())
 {
     parent::__construct('gatekeeper', $urlParams);
     $container = $this->getContainer();

     // Hooks
     $container->registerService('GateKeeperHooks', function ($di) {
         $service = $di->query('GateKeeperService');
         $logger = $di->query('Logger');
         return new \OCA\GateKeeper\Hooks\GateKeeperHooks($service, $logger);
     });

     // Service
     $container->registerService('GateKeeperService', function ($di) {
         $mode = $di->query('ServerContainer')->getAppConfig()->getValue('gatekeeper', 'mode');
         $session = $di->query('ServerContainer')->getSession();
         $mapper = $di->query('AccessObjectMapper');
         $groupManager = $di->query('GroupManager');
         $isRemote = GKHelper::isRemote();
         $refreshDelay = $di->query('ServerContainer')->getAppConfig()->getValue('gatekeeper', 'refresh_delay');
         return new \OCA\GateKeeper\Service\GateKeeperService($mode, $session, $mapper, $groupManager, $isRemote, $refreshDelay);
     });

     // Mapper
     $container->registerService('AccessObjectMapper', function ($di) {
         $db = $di->query('ServerContainer')->getDb();
         return new \OCA\GateKeeper\Db\AccessObjectMapper($db);
     });

     // groupManager
     $container->registerService('GroupManager', function ($di) {
         return \OC_Group::getManager();
     });

     // - logger -
     $container->registerService('Logger', function ($di) {
         return $di->query('ServerContainer')->getLogger();
     });

     // The login state is read when this factory runs, so the Interceptor
     // receives a boolean snapshot rather than a live check.
     $container->registerService('Interceptor', function ($di) {
         $userSession = $di->query('ServerContainer')->getUserSession();
         $loggedIn = \OC_User::isLoggedIn();
         $service = $di->query('GateKeeperService');
         $l10n = $di->query('L10N');
         $denyLogger = $di->query('DenyLogger');
         return new \OCA\GateKeeper\AppInfo\Interceptor($userSession, $loggedIn, $service, $l10n, $denyLogger);
     });

     $container->registerService('L10N', function ($di) {
         return $di->query('ServerContainer')->getL10N($di->query('AppName'));
     });

     $container->registerService('SettingsController', function ($di) {
         $request = $di->query('Request');
         $appConfig = $di->query('ServerContainer')->getAppConfig();
         $mapper = $di->query('AccessObjectMapper');
         $groupManager = $di->query('GroupManager');
         return new \OCA\GateKeeper\Controller\SettingsController($request, $appConfig, $mapper, $groupManager);
     });

     $container->registerService('DenyLoggerFactory', function ($di) {
         $appConfig = $di->query('ServerContainer')->getAppConfig();
         return new \OCA\GateKeeper\Lib\DenyLoggerFactory($appConfig);
     });

     $container->registerService('DenyLogger', function ($di) {
         return $di->query('DenyLoggerFactory')->getInstance();
     });
 }
Exemple #12
 /**
  * Report whether the current request belongs to a logged-in user.
  *
  * Thin public wrapper that forwards the result of \OC_User::isLoggedIn().
  *
  * @return boolean
  */
 public static function isLoggedIn()
 {
     $hasSession = \OC_User::isLoggedIn();
     return $hasSession;
 }
Exemple #13
        $_POST['install'] = 'true';
        $_POST = array_merge($_POST, $AUTOCONFIG);
        unlink($autosetup_file);
    }
    OC_Util::addScript('setup');
    require_once 'setup.php';
    exit;
}
// Handle WebDAV
if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
    header('location: ' . OC_Helper::linkToRemote('webdav'));
    exit;
} elseif (!OC_User::isLoggedIn() && substr(OC::$REQUESTEDFILE, -3) == 'css') {
    OC_App::loadApps();
    OC::loadfile();
} elseif (OC_User::isLoggedIn()) {
    OC_App::loadApps();
    if (isset($_GET["logout"]) and $_GET["logout"]) {
        OC_User::logout();
        header("Location: " . OC::$WEBROOT . '/');
        exit;
    } else {
        if (is_null(OC::$REQUESTEDFILE)) {
            OC::loadapp();
        } else {
            OC::loadfile();
        }
    }
    // For all others cases, we display the guest page :
} else {
    OC_App::loadApps();
Exemple #14
<?php

// Bootstrap: this endpoint only serves logged-in sessions.
global $eventSource;
if (!OC_User::isLoggedIn()) {
    exit;
}
// The session is closed before the request parameters are read.
\OC::$server->getSession()->close();

// Request parameters. trim() only strips leading/trailing '/' and '\';
// NOTE(review): interior '..' segments pass through unchanged, so path
// validation has to happen where these values are used - confirm.
$dir = '';
if (isset($_REQUEST['dir'])) {
    $dir = '/' . trim($_REQUEST['dir'], '/\\');
}
$filename = '';
if (isset($_REQUEST['filename'])) {
    $filename = trim($_REQUEST['filename'], '/\\');
}
$content = '';
if (isset($_REQUEST['content'])) {
    $content = $_REQUEST['content'];
}
$source = '';
if (isset($_REQUEST['source'])) {
    $source = trim($_REQUEST['source'], '/\\');
}

// OC_JSON::callCheck() runs only when no source is given; with a source an
// event source is opened and no call check happens in this part of the script.
if (!$source) {
    OC_JSON::callCheck();
} else {
    $eventSource = \OC::$server->createEventSource();
}
function progress($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max)
{
    static $filesize = 0;
    static $lastsize = 0;
    global $eventSource;
    switch ($notification_code) {
        case STREAM_NOTIFY_FILE_SIZE_IS:
            $filesize = $bytes_max;
            break;
        case STREAM_NOTIFY_PROGRESS:
            if ($bytes_transferred > 0) {
                if (!isset($filesize) || $filesize === 0) {
                } else {
Exemple #15
 /**
  * Authenticate a WebDAV request, preferring an already authenticated session.
  *
  * A request is accepted without Basic Auth when OC_User::handleApacheAuth()
  * succeeds, or when a user is logged in AND the session holds no value
  * under self::DAV_AUTHENTICATED. The session is closed before returning on
  * that path. Everything else is delegated to the parent implementation.
  *
  * @param \Sabre\DAV\Server $server
  * @param $realm
  * @return bool
  */
 private function auth(\Sabre\DAV\Server $server, $realm)
 {
     // Parentheses spell out the precedence the original relied on:
     // '&&' binds tighter than '||'.
     $acceptSession = OC_User::handleApacheAuth()
         || (OC_User::isLoggedIn() && is_null(\OC::$server->getSession()->get(self::DAV_AUTHENTICATED)));
     if (!$acceptSession) {
         return parent::authenticate($server, $realm);
     }
     $sessionUser = OC_User::getUser();
     OC_Util::setupFS($sessionUser);
     $this->currentUser = $sessionUser;
     \OC::$server->getSession()->close();
     return true;
 }
Exemple #16
 /**
  * Handle the request
  *
  * Front-controller entry point. In the order visible below it: runs the
  * setup controller when the instance is not installed, performs the
  * maintenance/upgrade checks, loads apps (the full set only for logged-in
  * sessions), tries the router, and finally falls back to the legacy
  * handling of redirect_url, PROPFIND, logout and the default page or login.
  *
  * Returns nothing; branches either exit, or emit headers and return.
  */
 public static function handleRequest()
 {
     \OC::$server->getEventLogger()->start('handle_request', 'Handle request');
     $systemConfig = \OC::$server->getSystemConfig();
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!$systemConfig->getValue('installed', false)) {
         // Not installed: the session is cleared and the setup controller is
         // handed the raw POST data; the request ends here.
         \OC::$server->getSession()->clear();
         $setupHelper = new OC\Setup(\OC::$server->getConfig(), \OC::$server->getIniWrapper(), \OC::$server->getL10N('lib'), new \OC_Defaults(), \OC::$server->getLogger(), \OC::$server->getSecureRandom());
         $controller = new OC\Core\Setup\Controller($setupHelper);
         $controller->run($_POST);
         exit;
     }
     $request = \OC::$server->getRequest()->getPathInfo();
     if (substr($request, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode();
         self::checkUpgrade();
     }
     // Always load authentication apps
     OC_App::loadApps(['authentication']);
     // Load minimum set of apps
     if (!self::checkUpgrade(false) && !$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
         // For logged-in users: Load everything
         if (OC_User::isLoggedIn()) {
             OC_App::loadApps();
         } else {
             // For guests: Load only filesystem and logging
             OC_App::loadApps(array('filesystem', 'logging'));
             \OC_User::tryBasicAuthLogin();
         }
     }
     // Routing is skipped only for the exact value logout=true; the logout
     // branch further down accepts any truthy logout value.
     if (!self::$CLI and (!isset($_GET["logout"]) or $_GET["logout"] !== 'true')) {
         try {
             if (!$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
                 OC_App::loadApps(array('filesystem', 'logging'));
                 OC_App::loadApps();
             }
             self::checkSingleUserMode();
             OC_Util::setupFS();
             OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             // No route matched: fall through to the legacy handling below.
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     // Handle redirect URL for logged in users
     if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
         $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         // NOTE(review): the '@' test is the only check on $location visible
         // in this block. Whether makeURLAbsolute() confines the target to
         // this host cannot be seen from here - confirm, since redirect_url
         // is request-controlled.
         if (strpos($location, '@') === false) {
             header('Location: ' . $location);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         // not allowed any more to prevent people
         // mounting this root directly.
         // Users need to mount remote.php/webdav instead.
         header('HTTP/1.1 405 Method Not Allowed');
         header('Status: 405 Method Not Allowed');
         return;
     }
     // Redirect to index if the logout link is accessed without valid session
     // this is needed to prevent "Token expired" messages while login if a session is expired
     // @see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
     if (isset($_GET['logout']) && !OC_User::isLoggedIn()) {
         header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         return;
     }
     // Someone is logged in
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         OC_Util::setupFS();
         if (isset($_GET["logout"]) and $_GET["logout"]) {
             // callCheck() runs before the session is torn down; presumably
             // the request-token check, so a forged link cannot log a user out.
             OC_JSON::callCheck();
             if (isset($_COOKIE['oc_token'])) {
                 // Remove the stored login token named by the cookie so it
                 // cannot be used after logout.
                 \OC::$server->getConfig()->deleteUserValue(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
             }
             OC_User::logout();
             // redirect to webroot and add slash if webroot is empty
             header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
         } else {
             // Redirect to default application
             OC_Util::redirectToDefaultPage();
         }
     } else {
         // Not handled and not logged in
         self::handleLogin();
     }
 }
 /**
  * Build the settings navigation.
  *
  * Always contains the help entry. Logged-in users additionally get the
  * personal entry and, when settings forms are registered, the settings
  * entry. Members of the "admin" group (looked up via $_SESSION["user_id"])
  * also get the users, apps and - when admin forms exist - admin entries.
  * The collected entries are passed through self::proceedNavigation().
  *
  * @return array navigation as returned by self::proceedNavigation()
  */
 public static function getSettingsNavigation()
 {
     $l = new OC_L10N('core');
     $entries = array();
     // by default, settings only contain the help menu
     $entries[] = array(
         "id" => "help",
         "order" => 1000,
         "href" => OC_Helper::linkTo("settings", "help.php"),
         "name" => $l->t("Help"),
         "icon" => OC_Helper::imagePath("settings", "help.svg"),
     );
     if (OC_User::isLoggedIn()) {
         // personal menu
         $entries[] = array(
             "id" => "personal",
             "order" => 1,
             "href" => OC_Helper::linkTo("settings", "personal.php"),
             "name" => $l->t("Personal"),
             "icon" => OC_Helper::imagePath("settings", "personal.svg"),
         );
         // settings menu, only when some settings forms are registered
         if (!empty(self::$settingsForms)) {
             $entries[] = array(
                 "id" => "settings",
                 "order" => 1000,
                 "href" => OC_Helper::linkTo("settings", "settings.php"),
                 "name" => $l->t("Settings"),
                 "icon" => OC_Helper::imagePath("settings", "settings.svg"),
             );
         }
         // Admin-only entries. This only decides what is listed in the menu.
         if (OC_Group::inGroup($_SESSION["user_id"], "admin")) {
             // admin users menu
             $entries[] = array(
                 "id" => "core_users",
                 "order" => 2,
                 "href" => OC_Helper::linkTo("settings", "users.php"),
                 "name" => $l->t("Users"),
                 "icon" => OC_Helper::imagePath("settings", "users.svg"),
             );
             // admin apps menu
             $entries[] = array(
                 "id" => "core_apps",
                 "order" => 3,
                 "href" => OC_Helper::linkTo("settings", "apps.php?installed"),
                 "name" => $l->t("Apps"),
                 "icon" => OC_Helper::imagePath("settings", "apps.svg"),
             );
             // admins menu, only when some admin forms are registered
             if (!empty(self::$adminForms)) {
                 $entries[] = array(
                     "id" => "admin",
                     "order" => 1000,
                     "href" => OC_Helper::linkTo("settings", "admin.php"),
                     "name" => $l->t("Admin"),
                     "icon" => OC_Helper::imagePath("settings", "admin.svg"),
                 );
             }
         }
     }
     return self::proceedNavigation($entries);
 }
Exemple #18
 /**
  * Handle the request
  *
  * Front-controller entry point. In the order visible below it: includes the
  * setup script when the instance is not installed, performs the
  * maintenance/upgrade checks, tries the router, and then falls back to the
  * legacy dispatch on OC::$REQUESTEDAPP / OC::$REQUESTEDFILE (CSS files,
  * redirect_url, PROPFIND, logout, app script files, login).
  *
  * Returns nothing; branches either exit, or emit headers and return.
  */
 public static function handleRequest()
 {
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!OC_Config::getValue('installed', false)) {
         require_once 'core/setup.php';
         exit;
     }
     $request = OC_Request::getPathInfo();
     if (substr($request, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode();
         self::checkUpgrade();
     }
     if (!self::$CLI) {
         try {
             if (!OC_Config::getValue('maintenance', false)) {
                 OC_App::loadApps();
             }
             OC::getRouter()->match(OC_Request::getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             // No route matched: fall through to the legacy dispatch below.
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     $app = OC::$REQUESTEDAPP;
     $file = OC::$REQUESTEDFILE;
     $param = array('app' => $app, 'file' => $file);
     // Handle app css files
     // This branch is reached before any login check in this method.
     if (substr($file, -3) == 'css') {
         self::loadCSSFile($param);
         return;
     }
     // Handle redirect URL for logged in users
     if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
         $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
         // Deny the redirect if the URL contains a @
         // This prevents unvalidated redirects like ?redirect_url=:user@domain.com
         // NOTE(review): the '@' test is the only check on $location visible
         // in this block. Whether makeURLAbsolute() confines the target to
         // this host cannot be seen from here - confirm, since redirect_url
         // is request-controlled.
         if (strpos($location, '@') === FALSE) {
             header('Location: ' . $location);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         header('location: ' . OC_Helper::linkToRemote('webdav'));
         return;
     }
     // Someone is logged in :
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         // No request-token check is visible before OC_User::logout() here;
         // any truthy logout query parameter ends the session.
         if (isset($_GET["logout"]) and $_GET["logout"]) {
             if (isset($_COOKIE['oc_token'])) {
                 // Remove the stored login token named by the cookie so it
                 // cannot be used after logout.
                 OC_Preferences::deleteKey(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
             }
             OC_User::logout();
             header("Location: " . OC::$WEBROOT . '/');
         } else {
             if (is_null($file)) {
                 $param['file'] = 'index.php';
             }
             // NOTE(review): only the last three characters of the requested
             // file are checked in this block; any path validation is
             // presumably done inside loadAppScriptFile() - confirm.
             $file_ext = substr($param['file'], -3);
             if ($file_ext != 'php' || !self::loadAppScriptFile($param)) {
                 header('HTTP/1.0 404 Not Found');
             }
         }
         return;
     }
     // Not handled and not logged in
     self::handleLogin();
 }
Exemple #19
 /**
  * Require a logged-in user; anonymous requests are redirected to index.php.
  *
  * The current request URI is attached as the redirect_url query parameter
  * and the script exits after the Location header is sent.
  *
  * NOTE(review): the request URI is forwarded as given; the code that later
  * consumes redirect_url is responsible for validating it.
  *
  * @return void
  */
 public static function checkLoggedIn()
 {
     if (OC_User::isLoggedIn()) {
         return;
     }
     $query = ['redirect_url' => \OC::$server->getRequest()->getRequestUri()];
     $loginUrl = OC_Helper::linkToAbsolute('', 'index.php', $query);
     header('Location: ' . $loginUrl);
     exit;
 }
Exemple #20
<?php

// Bootstrap ownCloud
require_once '../../lib/base.php';
OCP\JSON::callCheck();
// Access is limited to logged-in admins and sub-admins; the condition is the
// original one with its operator precedence written out.
if (!(OC_User::isLoggedIn() && (OC_Group::inGroup(OC_User::getUser(), 'admin') || OC_SubAdmin::isSubAdmin(OC_User::getUser())))) {
    $failure = array("data" => array("message" => "Authentication error"));
    OC_JSON::error($failure);
    exit;
}
// Second call check, kept exactly as in the original script.
OCP\JSON::callCheck();
// Full admins and sub-admins are handled differently further down.
$isadmin = (bool) OC_Group::inGroup(OC_User::getUser(), 'admin');
if ($isadmin) {
    $groups = array();
    if (isset($_POST["groups"])) {
        $groups = $_POST["groups"];
    }
} else {
    if (isset($_POST["groups"])) {
        $groups = array();
        foreach ($_POST["groups"] as $group) {
            if (OC_SubAdmin::isGroupAccessible(OC_User::getUser(), $group)) {
                $groups[] = $group;
            }
        }
        if (count($groups) == 0) {
            $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
        }
    } else {
        $groups = OC_SubAdmin::getSubAdminsGroups(OC_User::getUser());
    }
Exemple #21
 /**
  * Resolve the user for this API request (session reuse or HTTP Basic Auth).
  *
  * 1. If self::$isLoggedIn is already true, the current user is returned.
  * 2. An existing session is reused only when the OCS-APIREQUEST header
  *    equals the string 'true'; without it the method returns false even
  *    though a session exists.
  * 3. Otherwise, when both PHP_AUTH_USER and PHP_AUTH_PW are present, a
  *    login is attempted and self::$logoutRequired is set on success.
  *
  * @return string|false (username, or false on failure)
  */
 private static function loginUser()
 {
     if (self::$isLoggedIn === true) {
         return \OC_User::getUser();
     }

     // reuse existing login
     if (OC_User::isLoggedIn() === true) {
         $isOcsApiRequest = false;
         if (isset($_SERVER['HTTP_OCS_APIREQUEST'])) {
             $isOcsApiRequest = $_SERVER['HTTP_OCS_APIREQUEST'] === 'true';
         }
         if (!$isOcsApiRequest) {
             // A session cookie alone is not accepted for API calls.
             return false;
         }
         // initialize the user's filesystem
         \OC_Util::setUpFS(\OC_User::getUser());
         self::$isLoggedIn = true;
         return OC_User::getUser();
     }

     // basic auth - because OC_User::login will create a new session we shall
     // only try to login if user and pass are set
     if (!isset($_SERVER['PHP_AUTH_USER'], $_SERVER['PHP_AUTH_PW'])) {
         return false;
     }
     $basicUser = $_SERVER['PHP_AUTH_USER'];
     $basicPassword = $_SERVER['PHP_AUTH_PW'];
     if (OC_User::login($basicUser, $basicPassword) !== true) {
         return false;
     }
     self::$logoutRequired = true;
     // initialize the user's filesystem
     \OC_Util::setUpFS(\OC_User::getUser());
     self::$isLoggedIn = true;
     return \OC_User::getUser();
 }
 /**
  * Tell whether a user is currently logged in.
  *
  * Forwards the result of \OC_User::isLoggedIn() unchanged.
  *
  * @return boolean
  */
 function isLoggedIn()
 {
     $hasSession = \OC_User::isLoggedIn();
     return $hasSession;
 }
Exemple #23
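 /**
  * Create a user in the first backend that supports user creation.
  *
  * Validates the uid and password, emits 'preCreateUser', creates the user,
  * makes sure a filesystem is set up, then emits 'postCreateUser'.
  *
  * Fix: the two halves of the "allowed characters" message were joined by a
  * garbled token ('******') instead of the concatenation operator, which made
  * the statement a syntax error.
  *
  * @param string $uid
  * @param string $password
  * @throws \Exception when the uid contains other characters, the uid or
  *                    password is empty, or the uid is already in use
  * @return bool|\OC\User\User the created user or false
  */
 public function createUser($uid, $password)
 {
     $l = \OC_L10N::get('lib');
     // Check the name for bad characters
     // Allowed are: "a-z", "A-Z", "0-9" and "_.@-"; the pattern below also
     // lets a space through.
     if (preg_match('/[^a-zA-Z0-9 _\\.@\\-]/', $uid)) {
         throw new \Exception($l->t('Only the following characters are allowed in a username:' . ' "a-z", "A-Z", "0-9", and "_.@-"'));
     }
     // No empty username
     if (trim($uid) == '') {
         throw new \Exception($l->t('A valid username must be provided'));
     }
     // No empty password
     if (trim($password) == '') {
         throw new \Exception($l->t('A valid password must be provided'));
     }
     // Check if user already exists
     if ($this->userExists($uid)) {
         throw new \Exception($l->t('The username is already being used'));
     }
     // Listeners of both events receive the plain-text password.
     $this->emit('\\OC\\User', 'preCreateUser', array($uid, $password));
     foreach ($this->backends as $backend) {
         if ($backend->implementsActions(\OC_USER_BACKEND_CREATE_USER)) {
             $backend->createUser($uid, $password);
             $user = $this->getUserObject($uid, $backend);
             // make sure that the users file system is initialized before we
             // emit the post hook
             if (!\OC_User::isLoggedIn()) {
                 \OC_Util::setupFS($uid);
             }
             $this->emit('\\OC\\User', 'postCreateUser', array($user, $password));
             return $user;
         }
     }
     // No backend is able to create users.
     return false;
 }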
 /**
  * Require a logged-in user; anonymous requests are redirected to index.php.
  *
  * The script exits right after the Location header is sent.
  */
 public static function checkLoggedIn()
 {
     if (OC_User::isLoggedIn()) {
         return;
     }
     $homeUrl = OC_Helper::linkTo('', 'index.php', true);
     header('Location: ' . $homeUrl);
     // Hard stop so no protected code runs for an anonymous request.
     exit;
 }
Exemple #25
 /**
  * Require a logged-in user; anonymous requests are redirected to index.php.
  *
  * The value of OC_Request::requestUri() is attached as the redirect_url
  * query parameter and the script exits after the Location header is sent.
  *
  * NOTE(review): the request URI is forwarded as given; the code that later
  * consumes redirect_url is responsible for validating it.
  *
  * @return void
  */
 public static function checkLoggedIn()
 {
     if (OC_User::isLoggedIn()) {
         return;
     }
     $query = array('redirect_url' => OC_Request::requestUri());
     $loginUrl = OC_Helper::linkToAbsolute('', 'index.php', $query);
     header('Location: ' . $loginUrl);
     exit;
 }
Exemple #26
 /**
  * Require a logged-in user; anonymous requests are redirected to index.php.
  *
  * $_SERVER["REQUEST_URI"] is attached as the redirect_url query parameter
  * and the script exits after the Location header is sent.
  *
  * NOTE(review): REQUEST_URI is a raw request value and is forwarded as
  * given; the code that later consumes redirect_url must validate it.
  */
 public static function checkLoggedIn()
 {
     if (OC_User::isLoggedIn()) {
         return;
     }
     $query = array('redirect_url' => $_SERVER["REQUEST_URI"]);
     $loginUrl = OC_Helper::linkToAbsolute('', 'index.php', $query);
     header('Location: ' . $loginUrl);
     exit;
 }
 /**
  * Deletes a file or folder for the logged-in user.
  *
  * Nothing happens (and null is returned) when no user is logged in, or when
  * the target is the entry "Shared" directly in the root directory. Otherwise
  * the result of OC_Filesystem::unlink() is returned.
  *
  * NOTE(review): $dir and $file are joined without normalisation in this
  * method; any path validation presumably happens in OC_Filesystem - confirm.
  *
  * @param string $dir  directory containing the entry
  * @param string $file name of the entry to delete
  */
 public static function delete($dir, $file)
 {
     // The top-level "Shared" entry is never deleted through this method.
     $isSharedRoot = $dir == '' && $file == 'Shared';
     if (!OC_User::isLoggedIn() || $isSharedRoot) {
         return;
     }
     $target = $dir . '/' . $file;
     return OC_Filesystem::unlink($target);
 }
Exemple #28
 /**
  * Handle the request
  *
  * Front-controller entry point. In the order visible below it: runs the
  * setup controller when the instance is not installed, performs the
  * maintenance/upgrade checks, serves the emergency "/disableapp" action,
  * loads apps (the full set only for logged-in sessions), tries the router,
  * and finally rejects PROPFIND or redirects to the default page / login form.
  *
  * Returns nothing; branches either exit, or emit headers and return.
  */
 public static function handleRequest()
 {
     \OC::$server->getEventLogger()->start('handle_request', 'Handle request');
     $systemConfig = \OC::$server->getSystemConfig();
     // load all the classpaths from the enabled apps so they are available
     // in the routing files of each app
     OC::loadAppClassPaths();
     // Check if ownCloud is installed or in maintenance (update) mode
     if (!$systemConfig->getValue('installed', false)) {
         // Not installed: the session is cleared and the setup controller is
         // handed the raw POST data; the request ends here.
         \OC::$server->getSession()->clear();
         $setupHelper = new OC\Setup(\OC::$server->getConfig(), \OC::$server->getIniWrapper(), \OC::$server->getL10N('lib'), new \OC_Defaults(), \OC::$server->getLogger(), \OC::$server->getSecureRandom());
         $controller = new OC\Core\Controller\SetupController($setupHelper);
         $controller->run($_POST);
         exit;
     }
     $request = \OC::$server->getRequest();
     // Check if requested URL matches 'index.php/occ'
     $isOccControllerRequested = preg_match('|/index\\.php$|', $request->getScriptName()) === 1 && strpos($request->getPathInfo(), '/occ/') === 0;
     $requestPath = $request->getRawPathInfo();
     if (substr($requestPath, -3) !== '.js') {
         // we need these files during the upgrade
         self::checkMaintenanceMode($request);
         // NOTE(review): $needUpgrade is assigned only on this path but is
         // read in the catch block below; for a path ending in '.js' it
         // would be undefined there.
         $needUpgrade = self::checkUpgrade(!$isOccControllerRequested);
     }
     // emergency app disabling
     if ($requestPath === '/disableapp' && $request->getMethod() === 'POST' && (string) $request->getParam('appid') !== '') {
         // Both checks run before the app id is read and the app is
         // disabled; the names suggest a request-token check and an
         // admin-only check.
         \OCP\JSON::callCheck();
         \OCP\JSON::checkAdminUser();
         $appId = (string) $request->getParam('appid');
         $appId = \OC_App::cleanAppId($appId);
         \OC_App::disable($appId);
         \OC_JSON::success();
         exit;
     }
     try {
         // Always load authentication apps
         OC_App::loadApps(['authentication']);
     } catch (\OC\NeedsUpdateException $e) {
         if ($isOccControllerRequested && $needUpgrade) {
             OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo());
             return;
         }
         throw $e;
     }
     // Load minimum set of apps
     if (!self::checkUpgrade(false) && !$systemConfig->getValue('maintenance', false)) {
         // For logged-in users: Load everything
         if (OC_User::isLoggedIn()) {
             OC_App::loadApps();
         } else {
             // For guests: Load only filesystem and logging
             OC_App::loadApps(array('filesystem', 'logging'));
             self::handleLogin($request);
         }
     }
     if (!self::$CLI) {
         try {
             if (!$systemConfig->getValue('maintenance', false) && !self::checkUpgrade(false)) {
                 OC_App::loadApps(array('filesystem', 'logging'));
                 OC_App::loadApps();
             }
             self::checkSingleUserMode();
             OC_Util::setupFS();
             OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo());
             return;
         } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
             // No route matched: fall through to the handling below.
             //header('HTTP/1.0 404 Not Found');
         } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
             OC_Response::setStatus(405);
             return;
         }
     }
     // Handle WebDAV
     if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
         // not allowed any more to prevent people
         // mounting this root directly.
         // Users need to mount remote.php/webdav instead.
         header('HTTP/1.1 405 Method Not Allowed');
         header('Status: 405 Method Not Allowed');
         return;
     }
     // Someone is logged in
     if (OC_User::isLoggedIn()) {
         OC_App::loadApps();
         OC_User::setupBackends();
         OC_Util::setupFS();
         // FIXME
         // Redirect to default application
         OC_Util::redirectToDefaultPage();
     } else {
         // Not handled and not logged in
         header('Location: ' . \OC::$server->getURLGenerator()->linkToRouteAbsolute('core.login.showLoginForm'));
     }
 }
Exemple #29
 /**
  * Return a view on the logged-in user's storage folder for an app.
  *
  * The folder "/<user>/<appId>" is created when missing. When the app is not
  * enabled, or no user is logged in, an error is logged and false is
  * returned, so callers must check the result before using it as a view.
  *
  * NOTE(review): $appId is used as a path segment as given; it is presumably
  * a trusted application id - confirm at the call sites.
  *
  * @param string $appId
  * @return \OC\Files\View|false
  */
 public static function getStorage($appId)
 {
     if (!OC_App::isEnabled($appId)) {
         OC_Log::write('core', 'Can\'t get app storage, app ' . $appId . ' not enabled', OC_Log::ERROR);
         return false;
     }
     //sanity check
     if (!OC_User::isLoggedIn()) {
         OC_Log::write('core', 'Can\'t get app storage, app ' . $appId . ', user not logged in', OC_Log::ERROR);
         return false;
     }
     $userRoot = new \OC\Files\View('/' . OC_User::getUser());
     if (!$userRoot->file_exists($appId)) {
         $userRoot->mkdir($appId);
     }
     return new \OC\Files\View('/' . OC_User::getUser() . '/' . $appId);
 }
<?php

// Bootstrap ownCloud
require_once '../../lib/base.php';
// Only a logged-in member of the 'admin' group may create users.
// NOTE(review): no request-token check appears in this part of the script.
if (!(OC_User::isLoggedIn() && OC_Group::inGroup(OC_User::getUser(), 'admin'))) {
    $failure = array("data" => array("message" => "Authentication error"));
    OC_JSON::error($failure);
    exit;
}
// Optional list of groups the new user is added to.
$groups = isset($_POST["groups"]) ? $_POST["groups"] : array();
$username = $_POST["username"];
$password = $_POST["password"];
// Does the user exist already?
$existingUsers = OC_User::getUsers();
if (in_array($username, $existingUsers)) {
    $failure = array("data" => array("message" => "User already exists"));
    OC_JSON::error($failure);
    exit;
}
// Return Success story
try {
    OC_User::createUser($username, $password);
    foreach ($groups as $i) {
        if (!OC_Group::groupExists($i)) {
            OC_Group::createGroup($i);
        }
        OC_Group::addToGroup($username, $i);
    }
    OC_JSON::success(array("data" => array("username" => $username, "groups" => implode(", ", OC_Group::getUserGroups($username)))));
} catch (Exception $exception) {