/**
* Check if sharing is enabled before the controllers is executed
*
* Inspects the controller method annotations and if PublicPage is found
* it makes sure that sharing is enabled in the configuration settings
*
* The check is not performed on "guest" pages which don't require sharing
* to be enabled
*
* @inheritDoc
*/
public function beforeController($controller, $methodName)
{
$sharingEnabled = $this->isSharingEnabled();
$isPublicPage = $this->reflector->hasAnnotation('PublicPage');
$isGuest = $this->reflector->hasAnnotation('Guest');
if ($isPublicPage && !$isGuest && !$sharingEnabled) {
$this->logAndThrow("'Sharing is disabled'", Http::STATUS_SERVICE_UNAVAILABLE);
}
}
/**
* Checks if sharing is enabled before the controllers is executed
*
* Inspects the controller method annotations and if PublicPage is found
* it makes sure that sharing is enabled in the configuration settings
*
* The check is not performed on "guest" pages which don't require sharing
* to be enabled
*
* @inheritDoc
*/
public function beforeController($controller, $methodName)
{
if ($this->reflector->hasAnnotation('Guest')) {
return;
}
$sharingEnabled = $this->isSharingEnabled();
$isPublicPage = $this->reflector->hasAnnotation('PublicPage');
if ($isPublicPage && !$sharingEnabled) {
throw new CheckException("'Sharing is disabled'", Http::STATUS_SERVICE_UNAVAILABLE);
}
}
/**
* Checks that we have a valid token linked to a valid resource and that the
* user is authorised to access it
*
* Inspects the controller method annotations and if PublicPage is found
* it checks that we have a token and an optional password giving access to a valid resource.
* Once that's done, the environment is setup so that our services can find the resources they
* need.
*
* The checks are not performed on "guest" pages and the environment is not setup. Typical
* guest pages are anonymous error ages
*
* @inheritDoc
*/
public function beforeController($controller, $methodName)
{
if ($this->reflector->hasAnnotation('Guest')) {
return;
}
$isPublicPage = $this->reflector->hasAnnotation('PublicPage');
if ($isPublicPage) {
$this->validateAndSetTokenBasedEnv();
} else {
$this->environment->setStandardEnv();
}
}
/**
* Checks for externalshares controller
* @return bool
*/
private function externalSharesChecks()
{
if (!$this->reflector->hasAnnotation('NoIncomingFederatedSharingRequired') && $this->config->getAppValue('files_sharing', 'incoming_server2server_share_enabled', 'yes') !== 'yes') {
return false;
}
if (!$this->reflector->hasAnnotation('NoOutgoingFederatedSharingRequired') && $this->config->getAppValue('files_sharing', 'outgoing_server2server_share_enabled', 'yes') !== 'yes') {
return false;
}
return true;
}
/**
* @param Controller $controller
* @param string $methodName
*/
public function beforeController($controller, $methodName)
{
if ($this->reflector->hasAnnotation('PublicPage')) {
// Don't block public pages
return;
}
if ($controller instanceof \OC\Core\Controller\LoginController && $methodName === 'logout') {
// Don't block the logout page, to allow canceling the 2FA
return;
}
if ($this->userSession->isLoggedIn()) {
$user = $this->userSession->getUser();
if ($this->twoFactorManager->isTwoFactorAuthenticated($user)) {
$this->checkTwoFactor($controller, $methodName);
} else {
if ($controller instanceof TwoFactorChallengeController) {
// Allow access to the two-factor controllers only if two-factor authentication
// is in progress.
throw new UserAlreadyLoggedInException();
}
}
}
// TODO: dont check/enforce 2FA if a auth token is used
}
