AjaxController.php 2.4 KB

1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283848586878889909192939495
  1. <?php
  2. /**
  3. * SPDX-FileCopyrightText: 2017-2024 Nextcloud GmbH and Nextcloud contributors
  4. * SPDX-FileCopyrightText: 2016 ownCloud, Inc.
  5. * SPDX-License-Identifier: AGPL-3.0-only
  6. */
  7. namespace OCA\Files_External\Controller;
  8. use OCA\Files_External\Lib\Auth\Password\GlobalAuth;
  9. use OCA\Files_External\Lib\Auth\PublicKey\RSA;
  10. use OCP\AppFramework\Controller;
  11. use OCP\AppFramework\Http\Attribute\NoAdminRequired;
  12. use OCP\AppFramework\Http\Attribute\PasswordConfirmationRequired;
  13. use OCP\AppFramework\Http\JSONResponse;
  14. use OCP\IGroupManager;
  15. use OCP\IRequest;
  16. use OCP\IUserSession;
  17. class AjaxController extends Controller {
  18. /**
  19. * @param string $appName
  20. * @param IRequest $request
  21. * @param RSA $rsaMechanism
  22. * @param GlobalAuth $globalAuth
  23. * @param IUserSession $userSession
  24. * @param IGroupManager $groupManager
  25. */
  26. public function __construct(
  27. $appName,
  28. IRequest $request,
  29. private RSA $rsaMechanism,
  30. private GlobalAuth $globalAuth,
  31. private IUserSession $userSession,
  32. private IGroupManager $groupManager,
  33. ) {
  34. parent::__construct($appName, $request);
  35. }
  36. /**
  37. * @param int $keyLength
  38. * @return array
  39. */
  40. private function generateSshKeys($keyLength) {
  41. $key = $this->rsaMechanism->createKey($keyLength);
  42. // Replace the placeholder label with a more meaningful one
  43. $key['publickey'] = str_replace('phpseclib-generated-key', gethostname(), $key['publickey']);
  44. return $key;
  45. }
  46. /**
  47. * Generates an SSH public/private key pair.
  48. *
  49. * @param int $keyLength
  50. */
  51. #[NoAdminRequired]
  52. public function getSshKeys($keyLength = 1024) {
  53. $key = $this->generateSshKeys($keyLength);
  54. return new JSONResponse(
  55. ['data' => [
  56. 'private_key' => $key['privatekey'],
  57. 'public_key' => $key['publickey']
  58. ],
  59. 'status' => 'success'
  60. ]);
  61. }
  62. /**
  63. * @param string $uid
  64. * @param string $user
  65. * @param string $password
  66. * @return bool
  67. */
  68. #[NoAdminRequired]
  69. #[PasswordConfirmationRequired(strict: true)]
  70. public function saveGlobalCredentials($uid, $user, $password) {
  71. $currentUser = $this->userSession->getUser();
  72. if ($currentUser === null) {
  73. return false;
  74. }
  75. // Non-admins can only edit their own credentials
  76. // Admin can edit global credentials
  77. $allowedToEdit = $uid === ''
  78. ? $this->groupManager->isAdmin($currentUser->getUID())
  79. : $currentUser->getUID() === $uid;
  80. if ($allowedToEdit) {
  81. $this->globalAuth->saveAuth($uid, $user, $password);
  82. return true;
  83. }
  84. return false;
  85. }
  86. }