protected static function getTagger($type) { \OC_JSON::checkLoggedIn(); \OC_JSON::callCheck(); try { $tagger = \OC::$server->getTagManager()->load($type); return $tagger; } catch (\Exception $e) { \OCP\Util::writeLog('core', __METHOD__ . ' Exception: ' . $e->getMessage(), \OCP\Util::ERROR); $l = new \OC_L10n('core'); \OC_JSON::error(array('message' => $l->t('Error loading tags'))); exit; } }
public static function getDisplayNames($args) { \OC_JSON::checkLoggedIn(); \OC_JSON::callCheck(); $users = $_GET['users']; $result = array(); $userManager = \OC::$server->getUserManager(); foreach ($users as $user) { $userObject = $userManager->get($user); if (is_object($userObject)) { $result[$user] = $userObject->getDisplayName(); } else { $result[$user] = $user; } } \OC_JSON::success(array('users' => $result)); }
// Init owncloud global $eventSource; if (!OC_User::isLoggedIn()) { exit; } \OC::$server->getSession()->close(); // Get the params $dir = isset($_REQUEST['dir']) ? '/' . trim($_REQUEST['dir'], '/\\') : ''; $filename = isset($_REQUEST['filename']) ? trim($_REQUEST['filename'], '/\\') : ''; $content = isset($_REQUEST['content']) ? $_REQUEST['content'] : ''; $source = isset($_REQUEST['source']) ? trim($_REQUEST['source'], '/\\') : ''; if ($source) { $eventSource = \OC::$server->createEventSource(); } else { OC_JSON::callCheck(); } function progress($notification_code, $severity, $message, $message_code, $bytes_transferred, $bytes_max) { static $filesize = 0; static $lastsize = 0; global $eventSource; switch ($notification_code) { case STREAM_NOTIFY_FILE_SIZE_IS: $filesize = $bytes_max; break; case STREAM_NOTIFY_PROGRESS: if ($bytes_transferred > 0) { if (!isset($filesize) || $filesize === 0) { } else { $progress = (int) ($bytes_transferred / $filesize * 100);
/** * Handle the request */ public static function handleRequest() { \OC::$server->getEventLogger()->start('handle_request', 'Handle request'); $systemConfig = \OC::$server->getSystemConfig(); // load all the classpaths from the enabled apps so they are available // in the routing files of each app OC::loadAppClassPaths(); // Check if ownCloud is installed or in maintenance (update) mode if (!$systemConfig->getValue('installed', false)) { \OC::$server->getSession()->clear(); $setupHelper = new OC\Setup(\OC::$server->getConfig(), \OC::$server->getIniWrapper(), \OC::$server->getL10N('lib'), new \OC_Defaults(), \OC::$server->getLogger(), \OC::$server->getSecureRandom()); $controller = new OC\Core\Setup\Controller($setupHelper); $controller->run($_POST); exit; } $request = \OC::$server->getRequest()->getPathInfo(); if (substr($request, -3) !== '.js') { // we need these files during the upgrade self::checkMaintenanceMode(); self::checkUpgrade(); } // Always load authentication apps OC_App::loadApps(['authentication']); // Load minimum set of apps if (!self::checkUpgrade(false) && !$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) { // For logged-in users: Load everything if (OC_User::isLoggedIn()) { OC_App::loadApps(); } else { // For guests: Load only filesystem and logging OC_App::loadApps(array('filesystem', 'logging')); \OC_User::tryBasicAuthLogin(); } } if (!self::$CLI and (!isset($_GET["logout"]) or $_GET["logout"] !== 'true')) { try { if (!$systemConfig->getValue('maintenance', false) && !\OCP\Util::needUpgrade()) { OC_App::loadApps(array('filesystem', 'logging')); OC_App::loadApps(); } self::checkSingleUserMode(); OC_Util::setupFS(); OC::$server->getRouter()->match(\OC::$server->getRequest()->getRawPathInfo()); return; } catch (Symfony\Component\Routing\Exception\ResourceNotFoundException $e) { //header('HTTP/1.0 404 Not Found'); } catch (Symfony\Component\Routing\Exception\MethodNotAllowedException $e) { OC_Response::setStatus(405); return; } } // Handle redirect URL for logged in users if (isset($_REQUEST['redirect_url']) && OC_User::isLoggedIn()) { $location = OC_Helper::makeURLAbsolute(urldecode($_REQUEST['redirect_url'])); // Deny the redirect if the URL contains a @ // This prevents unvalidated redirects like ?redirect_url=:user@domain.com if (strpos($location, '@') === false) { header('Location: ' . $location); return; } } // Handle WebDAV if ($_SERVER['REQUEST_METHOD'] == 'PROPFIND') { // not allowed any more to prevent people // mounting this root directly. // Users need to mount remote.php/webdav instead. header('HTTP/1.1 405 Method Not Allowed'); header('Status: 405 Method Not Allowed'); return; } // Redirect to index if the logout link is accessed without valid session // this is needed to prevent "Token expired" messages while login if a session is expired // @see https://github.com/owncloud/core/pull/8443#issuecomment-42425583 if (isset($_GET['logout']) && !OC_User::isLoggedIn()) { header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : '')); return; } // Someone is logged in if (OC_User::isLoggedIn()) { OC_App::loadApps(); OC_User::setupBackends(); OC_Util::setupFS(); if (isset($_GET["logout"]) and $_GET["logout"]) { OC_JSON::callCheck(); if (isset($_COOKIE['oc_token'])) { \OC::$server->getConfig()->deleteUserValue(OC_User::getUser(), 'login_token', $_COOKIE['oc_token']); } OC_User::logout(); // redirect to webroot and add slash if webroot is empty header("Location: " . OC::$WEBROOT . (empty(OC::$WEBROOT) ? '/' : '')); } else { // Redirect to default application OC_Util::redirectToDefaultPage(); } } else { // Not handled and not logged in self::handleLogin(); } }
public static function changeUserPassword($args) { // Check if we are an user \OC_JSON::callCheck(); \OC_JSON::checkLoggedIn(); $l = new \OC_L10n('settings'); if (isset($_POST['username'])) { $username = $_POST['username']; } else { \OC_JSON::error(array('data' => array('message' => $l->t('No user supplied')))); exit; } $password = isset($_POST['password']) ? $_POST['password'] : null; $recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null; $isUserAccessible = false; $currentUserObject = \OC::$server->getUserSession()->getUser(); $targetUserObject = \OC::$server->getUserManager()->get($username); if ($currentUserObject !== null && $targetUserObject !== null) { $isUserAccessible = \OC::$server->getGroupManager()->getSubAdmin()->isUserAccessible($currentUserObject, $targetUserObject); } if (\OC_User::isAdminUser(\OC_User::getUser())) { $userstatus = 'admin'; } elseif ($isUserAccessible) { $userstatus = 'subadmin'; } else { \OC_JSON::error(array('data' => array('message' => $l->t('Authentication error')))); exit; } if (\OC_App::isEnabled('encryption')) { //handle the recovery case $crypt = new \OCA\Encryption\Crypto\Crypt(\OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getL10N('encryption')); $keyStorage = \OC::$server->getEncryptionKeyStorage(); $util = new \OCA\Encryption\Util(new \OC\Files\View(), $crypt, \OC::$server->getLogger(), \OC::$server->getUserSession(), \OC::$server->getConfig(), \OC::$server->getUserManager()); $keyManager = new \OCA\Encryption\KeyManager($keyStorage, $crypt, \OC::$server->getConfig(), \OC::$server->getUserSession(), new \OCA\Encryption\Session(\OC::$server->getSession()), \OC::$server->getLogger(), $util); $recovery = new \OCA\Encryption\Recovery(\OC::$server->getUserSession(), $crypt, \OC::$server->getSecureRandom(), $keyManager, \OC::$server->getConfig(), $keyStorage, \OC::$server->getEncryptionFilesHelper(), new \OC\Files\View()); $recoveryAdminEnabled = $recovery->isRecoveryKeyEnabled(); $validRecoveryPassword = false; $recoveryEnabledForUser = false; if ($recoveryAdminEnabled) { $validRecoveryPassword = $keyManager->checkRecoveryPassword($recoveryPassword); $recoveryEnabledForUser = $recovery->isRecoveryEnabledForUser($username); } if ($recoveryEnabledForUser && $recoveryPassword === '') { \OC_JSON::error(array('data' => array('message' => $l->t('Please provide an admin recovery password, otherwise all user data will be lost')))); } elseif ($recoveryEnabledForUser && !$validRecoveryPassword) { \OC_JSON::error(array('data' => array('message' => $l->t('Wrong admin recovery password. Please check the password and try again.')))); } else { // now we know that everything is fine regarding the recovery password, let's try to change the password $result = \OC_User::setPassword($username, $password, $recoveryPassword); if (!$result && $recoveryEnabledForUser) { \OC_JSON::error(array("data" => array("message" => $l->t("Backend doesn't support password change, but the user's encryption key was successfully updated.")))); } elseif (!$result && !$recoveryEnabledForUser) { \OC_JSON::error(array("data" => array("message" => $l->t("Unable to change password")))); } else { \OC_JSON::success(array("data" => array("username" => $username))); } } } else { // if encryption is disabled, proceed if (!is_null($password) && \OC_User::setPassword($username, $password)) { \OC_JSON::success(array('data' => array('username' => $username))); } else { \OC_JSON::error(array('data' => array('message' => $l->t('Unable to change password')))); } } }
/** * Tries to login a user using the formbased authentication * @return bool|void */ protected static function tryFormLogin() { if (!isset($_POST["user"]) || !isset($_POST['password'])) { return false; } OC_JSON::callCheck(); OC_App::loadApps(); //setup extra user backends OC_User::setupBackends(); if (OC_User::login($_POST["user"], $_POST["password"])) { // setting up the time zone if (isset($_POST['timezone-offset'])) { self::$server->getSession()->set('timezone', $_POST['timezone-offset']); } $userid = OC_User::getUser(); self::cleanupLoginTokens($userid); if (!empty($_POST["remember_login"])) { if (defined("DEBUG") && DEBUG) { OC_Log::write('core', 'Setting remember login to cookie', OC_Log::DEBUG); } $token = \OC::$server->getSecureRandom()->getMediumStrengthGenerator()->generate(32); OC_Preferences::setValue($userid, 'login_token', $token, time()); OC_User::setMagicInCookie($userid, $token); } else { OC_User::unsetMagicInCookie(); } OC_Util::redirectToDefaultPage(); exit; } return true; }
/** * @brief Check an ajax get/post call if the request token is valid. * @return json Error msg if not valid. */ public static function callCheck() { return \OC_JSON::callCheck(); }
public static function changeUserPassword($args) { // Check if we are an user \OC_JSON::callCheck(); \OC_JSON::checkLoggedIn(); // Manually load apps to ensure hooks work correctly (workaround for issue 1503) \OC_App::loadApps(); if (isset($_POST['username'])) { $username = $_POST['username']; } else { $l = new \OC_L10n('settings'); \OC_JSON::error(array('data' => array('message' => $l->t('No user supplied')))); exit; } $password = isset($_POST['password']) ? $_POST['password'] : null; $recoveryPassword = isset($_POST['recoveryPassword']) ? $_POST['recoveryPassword'] : null; if (\OC_User::isAdminUser(\OC_User::getUser())) { $userstatus = 'admin'; } elseif (\OC_SubAdmin::isUserAccessible(\OC_User::getUser(), $username)) { $userstatus = 'subadmin'; } else { $l = new \OC_L10n('settings'); \OC_JSON::error(array('data' => array('message' => $l->t('Authentication error')))); exit; } if (\OC_App::isEnabled('files_encryption')) { //handle the recovery case $util = new \OCA\Encryption\Util(new \OC_FilesystemView('/'), $username); $recoveryAdminEnabled = \OC_Appconfig::getValue('files_encryption', 'recoveryAdminEnabled'); $validRecoveryPassword = false; $recoveryPasswordSupported = false; if ($recoveryAdminEnabled) { $validRecoveryPassword = $util->checkRecoveryPassword($recoveryPassword); $recoveryEnabledForUser = $util->recoveryEnabledForUser(); } if ($recoveryEnabledForUser && $recoveryPassword === '') { $l = new \OC_L10n('settings'); \OC_JSON::error(array('data' => array('message' => $l->t('Please provide an admin recovery password, otherwise all user data will be lost')))); } elseif ($recoveryEnabledForUser && !$validRecoveryPassword) { $l = new \OC_L10n('settings'); \OC_JSON::error(array('data' => array('message' => $l->t('Wrong admin recovery password. Please check the password and try again.')))); } else { // now we know that everything is fine regarding the recovery password, let's try to change the password $result = \OC_User::setPassword($username, $password, $recoveryPassword); if (!$result && $recoveryPasswordSupported) { $l = new \OC_L10n('settings'); \OC_JSON::error(array("data" => array("message" => $l->t("Back-end doesn't support password change, but the users encryption key was successfully updated.")))); } elseif (!$result && !$recoveryPasswordSupported) { $l = new \OC_L10n('settings'); \OC_JSON::error(array("data" => array("message" => $l->t("Unable to change password")))); } else { \OC_JSON::success(array("data" => array("username" => $username))); } } } else { // if encryption is disabled, proceed if (!is_null($password) && \OC_User::setPassword($username, $password)) { \OC_JSON::success(array('data' => array('username' => $username))); } else { $l = new \OC_L10n('settings'); \OC_JSON::error(array('data' => array('message' => $l->t('Unable to change password')))); } } }
public static function postCroppedAvatar($args) { \OC_JSON::checkLoggedIn(); \OC_JSON::callCheck(); $user = \OC_User::getUser(); if (isset($_POST['crop'])) { $crop = $_POST['crop']; } else { $l = new \OC_L10n('core'); \OC_JSON::error(array("data" => array("message" => $l->t("No crop data provided")))); return; } $tmpavatar = \OC_Cache::get('tmpavatar'); if (is_null($tmpavatar)) { $l = new \OC_L10n('core'); \OC_JSON::error(array("data" => array("message" => $l->t("No temporary profile picture available, try again")))); return; } $image = new \OC_Image($tmpavatar); $image->crop($crop['x'], $crop['y'], $crop['w'], $crop['h']); try { $avatar = new \OC_Avatar($user); $avatar->set($image->data()); // Clean up \OC_Cache::remove('tmpavatar'); \OC_JSON::success(); } catch (\Exception $e) { \OC_JSON::error(array("data" => array("message" => $e->getMessage()))); } }