WipeController.php 2.9 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2019, Roeland Jago Douma <roeland@famdouma.nl>
  5. *
  6. * @author Roeland Jago Douma <roeland@famdouma.nl>
  7. * @author Kate Döen <kate.doeen@nextcloud.com>
  8. *
  9. * @license GNU AGPL version 3 or any later version
  10. *
  11. * This program is free software: you can redistribute it and/or modify
  12. * it under the terms of the GNU Affero General Public License as
  13. * published by the Free Software Foundation, either version 3 of the
  14. * License, or (at your option) any later version.
  15. *
  16. * This program is distributed in the hope that it will be useful,
  17. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  18. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  19. * GNU Affero General Public License for more details.
  20. *
  21. * You should have received a copy of the GNU Affero General Public License
  22. * along with this program. If not, see <http://www.gnu.org/licenses/>.
  23. *
  24. */
  25. namespace OC\Core\Controller;
  26. use OC\Authentication\Token\RemoteWipe;
  27. use OCP\AppFramework\Controller;
  28. use OCP\AppFramework\Http;
  29. use OCP\AppFramework\Http\Attribute\FrontpageRoute;
  30. use OCP\AppFramework\Http\JSONResponse;
  31. use OCP\Authentication\Exceptions\InvalidTokenException;
  32. use OCP\IRequest;
  33. class WipeController extends Controller {
  34. public function __construct(
  35. string $appName,
  36. IRequest $request,
  37. private RemoteWipe $remoteWipe,
  38. ) {
  39. parent::__construct($appName, $request);
  40. }
  41. /**
  42. * @NoAdminRequired
  43. * @NoCSRFRequired
  44. * @PublicPage
  45. *
  46. * @AnonRateThrottle(limit=10, period=300)
  47. *
  48. * Check if the device should be wiped
  49. *
  50. * @param string $token App password
  51. *
  52. * @return JSONResponse<Http::STATUS_OK, array{wipe: bool}, array{}>|JSONResponse<Http::STATUS_NOT_FOUND, array<empty>, array{}>
  53. *
  54. * 200: Device should be wiped
  55. * 404: Device should not be wiped
  56. */
  57. #[FrontpageRoute(verb: 'POST', url: '/core/wipe/check')]
  58. public function checkWipe(string $token): JSONResponse {
  59. try {
  60. if ($this->remoteWipe->start($token)) {
  61. return new JSONResponse([
  62. 'wipe' => true
  63. ]);
  64. }
  65. return new JSONResponse([], Http::STATUS_NOT_FOUND);
  66. } catch (InvalidTokenException $e) {
  67. return new JSONResponse([], Http::STATUS_NOT_FOUND);
  68. }
  69. }
  70. /**
  71. * @NoAdminRequired
  72. * @NoCSRFRequired
  73. * @PublicPage
  74. *
  75. * @AnonRateThrottle(limit=10, period=300)
  76. *
  77. * Finish the wipe
  78. *
  79. * @param string $token App password
  80. *
  81. * @return JSONResponse<Http::STATUS_OK|Http::STATUS_NOT_FOUND, array<empty>, array{}>
  82. *
  83. * 200: Wipe finished successfully
  84. * 404: Device should not be wiped
  85. */
  86. #[FrontpageRoute(verb: 'POST', url: '/core/wipe/success')]
  87. public function wipeDone(string $token): JSONResponse {
  88. try {
  89. if ($this->remoteWipe->finish($token)) {
  90. return new JSONResponse([]);
  91. }
  92. return new JSONResponse([], Http::STATUS_NOT_FOUND);
  93. } catch (InvalidTokenException $e) {
  94. return new JSONResponse([], Http::STATUS_NOT_FOUND);
  95. }
  96. }
  97. }