protected static function getTagger($type)
{
\OC_JSON::checkLoggedIn();
\OC_JSON::callCheck();
try {
$tagger = \OC::$server->getTagManager()->load($type);
return $tagger;
} catch (\Exception $e) {
\OCP\Util::writeLog('core', __METHOD__ . ' Exception: ' . $e->getMessage(), \OCP\Util::ERROR);
$l = new \OC_L10n('core');
\OC_JSON::error(array('message' => $l->t('Error loading tags')));
exit;
}
}
public static function getDisplayNames($args)
{
\OC_JSON::checkLoggedIn();
\OC_JSON::callCheck();
$users = $_GET['users'];
$result = array();
$userManager = \OC::$server->getUserManager();
foreach ($users as $user) {
$userObject = $userManager->get($user);
if (is_object($userObject)) {
$result[$user] = $userObject->getDisplayName();
} else {
$result[$user] = $user;
}
}
\OC_JSON::success(array('users' => $result));
}
// Init owncloud
global $eventSource;
if (!OC_User::isLoggedIn()) {
exit;
}
\OC::$server->getSession()->close();
// Get the params
$dir = isset($_REQUEST['dir']) ? '/' . trim($_REQUEST['dir'], '/\\') : '';
$filename = isset($_REQUEST['filename']) ? trim($_REQUEST['filename'], '/\\') : '';
$content = isset($_REQUEST['content']) ? $_REQUEST['content'] : '';
$source = isset($_REQUEST['source']) ? trim($_REQUEST['source'], '/\\') : '';
if ($source) {
$eventSource = \OC::$server->createEventSource();
} else {
OC_JSON::callCheck();
}
function progress($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max)
{
static $filesize = 0;
static $lastsize = 0;
global $eventSource;
switch ($notification_code) {
case STREAM_NOTIFY_FILE_SIZE_IS:
$filesize = $bytes_max;
break;
case STREAM_NOTIFY_PROGRESS:
if ($bytes_transferred > 0) {
if (!isset($filesize) || $filesize === 0) {
} else {
$progress = (int) ($bytes_transferred / $filesize * 100);
/**
* Handle the request
*/
public static function handleRequest()
{
\OC::$server->getEventLogger()->start('handle_request', 'Handle request');
$systemConfig = \OC::$server->getSystemConfig();
// load all the classpaths from the enabled apps so they are available
// in the routing files of each app
OC::loadAppClassPaths();
// Check if ownCloud is installed or in maintenance (update) mode
if (!$systemConfig->getValue('installed', false)) {
\OC::$server->getSession()->clear();
$setupHelper = new OC\Setup(\OC::$server->getConfig(), \OC::$server->getIniWrapper(), \OC::$server->getL10N('lib'), new \OC_Defaults(), \OC::$server->getLogger(), \OC::$server->getSecureRandom());
$controller = new OC\Core\Setup\Controller($setupHelper);
$controller->run($_POST);
exit;
}
$request = \OC::$server->getRequest()->getPathInfo();
if (substr($request, -3) !== '.js') {
// we need these files during the upgrade
self::checkMaintenanceMode();
self::checkUpgrade();
}
// Always load authentication apps
OC_App::loadApps(['authentication']);
// Load minimum set of apps
if (!self::checkUpgrade(false) && !$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
// For logged-in users: Load everything
if (OC_User::isLoggedIn()) {
OC_App::loadApps();
} else {
// For guests: Load only filesystem and logging
OC_App::loadApps(array('filesystem', 'logging'));
\OC_User::tryBasicAuthLogin();
}
}
if (!self::$CLI and (!isset($_GET["logout"]) or $_GET["logout"] !== 'true')) {
try {
if (!$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) {
OC_App::loadApps(array('filesystem', 'logging'));
OC_App::loadApps();
}
self::checkSingleUserMode();
OC_Util::setupFS();
OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo());
return;
} catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) {
//header('HTTP/1.0 404 Not Found');
} catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) {
OC_Response::setStatus(405);
return;
}
}
// Handle redirect URL for logged in users
if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) {
$location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url']));
// Deny the redirect if the URL contains a @
// This prevents unvalidated redirects like ?redirect_url=:user@domain.com
if (strpos($location, '@') === false) {
header('Location: ' . $location);
return;
}
}
// Handle WebDAV
if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') {
// not allowed any more to prevent people
// mounting this root directly.
// Users need to mount remote.php/webdav instead.
header('HTTP/1.1 405 Method Not Allowed');
header('Status: 405 Method Not Allowed');
return;
}
// Redirect to index if the logout link is accessed without valid session
// this is needed to prevent "Token expired" messages while login if a session is expired
// @see https://github.com/owncloud/core/pull/8443#issuecomment-42425583
if (isset($_GET['logout']) && !OC_User::isLoggedIn()) {
header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
return;
}
// Someone is logged in
if (OC_User::isLoggedIn()) {
OC_App::loadApps();
OC_User::setupBackends();
OC_Util::setupFS();
if (isset($_GET["logout"]) and $_GET["logout"]) {
OC_JSON::callCheck();
if (isset($_COOKIE['oc_token'])) {
\OC::$server->getConfig()->deleteUserValue(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']);
}
OC_User::logout();
// redirect to webroot and add slash if webroot is empty
header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : ''));
} else {
// Redirect to default application
OC_Util::redirectToDefaultPage();
}
} else {
// Not handled and not logged in
self::handleLogin();
}
}
public static function changeUserPassword($args)
{
// Check if we are an user
\OC_JSON::callCheck();
\OC_JSON::checkLoggedIn();
$l = new \OC_L10n('settings');
if (isset($_POST['username'])) {
$username = $_POST['username'];
} else {
\OC_JSON::error(array('data' => array('message' => $l->t('No user supplied'))));
exit;
}
$password = isset($_POST['password']) ? $_POST['password'] : null;
$recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
$isUserAccessible = false;
$currentUserObject = \OC::$server->getUserSession()->getUser();
$targetUserObject = \OC::$server->getUserManager()->get($username);
if ($currentUserObject !== null && $targetUserObject !== null) {
$isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject);
}
if (\OC_User::isAdminUser(\OC_User::getUser())) {
$userstatus = 'admin';
} elseif ($isUserAccessible) {
$userstatus = 'subadmin';
} else {
\OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
if (\OC_App::isEnabled('encryption')) {
//handle the recovery case
$crypt = new \OCA\Encryption\Crypto\Crypt(\OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getL10N('encryption'));
$keyStorage = \OC::$server->getEncryptionKeyStorage();
$util = new \OCA\Encryption\Util(new \OC\Files\View(), $crypt, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getUserManager());
$keyManager = new \OCA\Encryption\KeyManager($keyStorage, $crypt, \OC::$server->getConfig(), \OC::$server->getUserSession(), new \OCA\Encryption\Session(\OC::$server->getSession()), \OC::$server->getLogger(), $util);
$recovery = new \OCA\Encryption\Recovery(\OC::$server->getUserSession(), $crypt, \OC::$server->getSecureRandom(), $keyManager, \OC::$server->getConfig(), $keyStorage, \OC::$server->getEncryptionFilesHelper(), new \OC\Files\View());
$recoveryAdminEnabled = $recovery->isRecoveryKeyEnabled();
$validRecoveryPassword = false;
$recoveryEnabledForUser = false;
if ($recoveryAdminEnabled) {
$validRecoveryPassword = $keyManager->checkRecoveryPassword($recoveryPassword);
$recoveryEnabledForUser = $recovery->isRecoveryEnabledForUser($username);
}
if ($recoveryEnabledForUser && $recoveryPassword === '') {
\OC_JSON::error(array('data' => array('message' => $l->t('Please provide an admin recovery password, otherwise all user data will be lost'))));
} elseif ($recoveryEnabledForUser && !$validRecoveryPassword) {
\OC_JSON::error(array('data' => array('message' => $l->t('Wrong admin recovery password. Please check the password and try again.'))));
} else {
// now we know that everything is fine regarding the recovery password, let's try to change the password
$result = \OC_User::setPassword($username, $password, $recoveryPassword);
if (!$result && $recoveryEnabledForUser) {
\OC_JSON::error(array("data" => array("message" => $l->t("Backend doesn't support password change, but the user's encryption key was successfully updated."))));
} elseif (!$result && !$recoveryEnabledForUser) {
\OC_JSON::error(array("data" => array("message" => $l->t("Unable to change password"))));
} else {
\OC_JSON::success(array("data" => array("username" => $username)));
}
}
} else {
// if encryption is disabled, proceed
if (!is_null($password) && \OC_User::setPassword($username, $password)) {
\OC_JSON::success(array('data' => array('username' => $username)));
} else {
\OC_JSON::error(array('data' => array('message' => $l->t('Unable to change password'))));
}
}
}
/**
* Tries to login a user using the formbased authentication
* @return bool|void
*/
protected static function tryFormLogin()
{
if (!isset($_POST["user"]) || !isset($_POST['password'])) {
return false;
}
OC_JSON::callCheck();
OC_App::loadApps();
//setup extra user backends
OC_User::setupBackends();
if (OC_User::login($_POST["user"], $_POST["password"])) {
// setting up the time zone
if (isset($_POST['timezone-offset'])) {
self::$server->getSession()->set('timezone', $_POST['timezone-offset']);
}
$userid = OC_User::getUser();
self::cleanupLoginTokens($userid);
if (!empty($_POST["remember_login"])) {
if (defined("DEBUG") && DEBUG) {
OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG);
}
$token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32);
OC_Preferences::setValue($userid, 'login_token', $token, time());
OC_User::setMagicInCookie($userid, $token);
} else {
OC_User::unsetMagicInCookie();
}
OC_Util::redirectToDefaultPage();
exit;
}
return true;
}
/**
* @brief Check an ajax get/post call if the request token is valid.
* @return json Error msg if not valid.
*/
public static function callCheck()
{
return \OC_JSON::callCheck();
}
public static function changeUserPassword($args)
{
// Check if we are an user
\OC_JSON::callCheck();
\OC_JSON::checkLoggedIn();
// Manually load apps to ensure hooks work correctly (workaround for issue 1503)
\OC_App::loadApps();
if (isset($_POST['username'])) {
$username = $_POST['username'];
} else {
$l = new \OC_L10n('settings');
\OC_JSON::error(array('data' => array('message' => $l->t('No user supplied'))));
exit;
}
$password = isset($_POST['password']) ? $_POST['password'] : null;
$recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null;
if (\OC_User::isAdminUser(\OC_User::getUser())) {
$userstatus = 'admin';
} elseif (\OC_SubAdmin::isUserAccessible(\OC_User::getUser(), $username)) {
$userstatus = 'subadmin';
} else {
$l = new \OC_L10n('settings');
\OC_JSON::error(array('data' => array('message' => $l->t('Authentication error'))));
exit;
}
if (\OC_App::isEnabled('files_encryption')) {
//handle the recovery case
$util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), $username);
$recoveryAdminEnabled = \OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled');
$validRecoveryPassword = false;
$recoveryPasswordSupported = false;
if ($recoveryAdminEnabled) {
$validRecoveryPassword = $util->checkRecoveryPassword($recoveryPassword);
$recoveryEnabledForUser = $util->recoveryEnabledForUser();
}
if ($recoveryEnabledForUser && $recoveryPassword === '') {
$l = new \OC_L10n('settings');
\OC_JSON::error(array('data' => array('message' => $l->t('Please provide an admin recovery password, otherwise all user data will be lost'))));
} elseif ($recoveryEnabledForUser && !$validRecoveryPassword) {
$l = new \OC_L10n('settings');
\OC_JSON::error(array('data' => array('message' => $l->t('Wrong admin recovery password. Please check the password and try again.'))));
} else {
// now we know that everything is fine regarding the recovery password, let's try to change the password
$result = \OC_User::setPassword($username, $password, $recoveryPassword);
if (!$result && $recoveryPasswordSupported) {
$l = new \OC_L10n('settings');
\OC_JSON::error(array("data" => array("message" => $l->t("Back-end doesn't support password change, but the users encryption key was successfully updated."))));
} elseif (!$result && !$recoveryPasswordSupported) {
$l = new \OC_L10n('settings');
\OC_JSON::error(array("data" => array("message" => $l->t("Unable to change password"))));
} else {
\OC_JSON::success(array("data" => array("username" => $username)));
}
}
} else {
// if encryption is disabled, proceed
if (!is_null($password) && \OC_User::setPassword($username, $password)) {
\OC_JSON::success(array('data' => array('username' => $username)));
} else {
$l = new \OC_L10n('settings');
\OC_JSON::error(array('data' => array('message' => $l->t('Unable to change password'))));
}
}
}
public static function postCroppedAvatar($args)
{
\OC_JSON::checkLoggedIn();
\OC_JSON::callCheck();
$user = \OC_User::getUser();
if (isset($_POST['crop'])) {
$crop = $_POST['crop'];
} else {
$l = new \OC_L10n('core');
\OC_JSON::error(array("data" => array("message" => $l->t("No crop data provided"))));
return;
}
$tmpavatar = \OC_Cache::get('tmpavatar');
if (is_null($tmpavatar)) {
$l = new \OC_L10n('core');
\OC_JSON::error(array("data" => array("message" => $l->t("No temporary profile picture available, try again"))));
return;
}
$image = new \OC_Image($tmpavatar);
$image->crop($crop['x'], $crop['y'], $crop['w'], $crop['h']);
try {
$avatar = new \OC_Avatar($user);
$avatar->set($image->data());
// Clean up
\OC_Cache::remove('tmpavatar');
\OC_JSON::success();
} catch (\Exception $e) {
\OC_JSON::error(array("data" => array("message" => $e->getMessage())));
}
}
