* @author Lukas Reschke * @author Morris Jobke * @author Vincent Petry * * @license AGPL-3.0 * * This code is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License, version 3, * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see * */ namespace OCA\UpdateNotification\Controller; use OCA\UpdateNotification\ResetTokenBackgroundJob; use OCP\AppFramework\Controller; use OCP\AppFramework\Http; use OCP\AppFramework\Http\DataResponse; use OCP\AppFramework\Utility\ITimeFactory; use OCP\BackgroundJob\IJobList; use OCP\IConfig; use OCP\IL10N; use OCP\IRequest; use OCP\Security\ISecureRandom; use OCP\Util; class AdminController extends Controller { /** @var IJobList */ private $jobList; /** @var ISecureRandom */ private $secureRandom; /** @var IConfig */ private $config; /** @var ITimeFactory */ private $timeFactory; /** @var IL10N */ private $l10n; /** * @param string $appName * @param IRequest $request * @param IJobList $jobList * @param ISecureRandom $secureRandom * @param IConfig $config * @param ITimeFactory $timeFactory * @param IL10N $l10n */ public function __construct($appName, IRequest $request, IJobList $jobList, ISecureRandom $secureRandom, IConfig $config, ITimeFactory $timeFactory, IL10N $l10n) { parent::__construct($appName, $request); $this->jobList = $jobList; $this->secureRandom = $secureRandom; $this->config = $config; $this->timeFactory = $timeFactory; $this->l10n = $l10n; } private function isUpdaterEnabled() { return !$this->config->getSystemValue('upgrade.disable-web', false); } /** * @param string $channel * @return DataResponse */ public function setChannel(string $channel): DataResponse { Util::setChannel($channel); $this->config->setAppValue('core', 'lastupdatedat', '0'); return new DataResponse(['status' => 'success', 'data' => ['message' => $this->l10n->t('Channel updated')]]); } /** * @return DataResponse */ public function createCredentials(): DataResponse { if (!$this->isUpdaterEnabled()) { return new DataResponse(['status' => 'error', 'message' => $this->l10n->t('Web updater is disabled')], Http::STATUS_FORBIDDEN); } // Create a new job and store the creation date $this->jobList->add(ResetTokenBackgroundJob::class); $this->config->setAppValue('core', 'updater.secret.created', (string)$this->timeFactory->getTime()); // Create a new token $newToken = $this->secureRandom->generate(64); $this->config->setSystemValue('updater.secret', password_hash($newToken, PASSWORD_DEFAULT)); return new DataResponse($newToken); } }