Home Explore Help
Sign In
RISCI_ATOM
/
nextcloud-server
mirror of https://github.com/nextcloud/server.git
1
0
Fork 0
Files Issues 23 Wiki
Tree: 3d68a526e7
Branches Tags
nextcloud-serve...
/
lib
/
private
/
Lockdown
/
LockdownManager.php

LockdownManager.php 2.1 KB
History Raw

12345678910111213141516171819202122232425262728293031323334353637383940414243444546474849505152535455565758596061626364656667686970717273747576777879808182 
  1. <?php
    2. 

  2. /**
    3. 

  3.  * @copyright Copyright (c) 2016, Robin Appelman <robin@icewind.nl>
    4. 

  4.  *
    5. 

  5.  * @author Robin Appelman <robin@icewind.nl>
    6. 

  6.  *
    7. 

  7.  * @license GNU AGPL version 3 or any later version
    8. 

  8.  *
    9. 

  9.  * This program is free software: you can redistribute it and/or modify
    10. 

  10.  * it under the terms of the GNU Affero General Public License as
    11. 

  11.  * published by the Free Software Foundation, either version 3 of the
    12. 

  12.  * License, or (at your option) any later version.
    13. 

  13.  *
    14. 

  14.  * This program is distributed in the hope that it will be useful,
    15. 

  15.  * but WITHOUT ANY WARRANTY; without even the implied warranty of
    16. 

  16.  * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
    17. 

  17.  * GNU Affero General Public License for more details.
    18. 

  18.  *
    19. 

  19.  * You should have received a copy of the GNU Affero General Public License
    20. 

  20.  * along with this program. If not, see <http://www.gnu.org/licenses/>.
    21. 

  21.  *
    22. 

  22.  */
    23. 

  23. namespace OC\Lockdown;
    24. 

  24. 

  25. use OC\Authentication\Token\IToken;
    26. 

  26. use OCP\ISession;
    27. 

  27. use OCP\Lockdown\ILockdownManager;
    28. 

  28. 

  29. class LockdownManager implements ILockdownManager {
    30. 

  30. 	/** @var ISession */
    31. 

  31. 	private $sessionCallback;
    32. 

  32. 

  33. 	private $enabled = false;
    34. 

  34. 

  35. 	/** @var array|null */
    36. 

  36. 	private $scope;
    37. 

  37. 

  38. 	/**
    39. 

  39. 	 * LockdownManager constructor.
    40. 

  40. 	 *
    41. 

  41. 	 * @param callable $sessionCallback we need to inject the session lazily to avoid dependency loops
    42. 

  42. 	 */
    43. 

  43. 	public function __construct(callable $sessionCallback) {
    44. 

  44. 		$this->sessionCallback = $sessionCallback;
    45. 

  45. 	}
    46. 

  46. 

  47. 

  48. 	public function enable() {
    49. 

  49. 		$this->enabled = true;
    50. 

  50. 	}
    51. 

  51. 

  52. 	/**
    53. 

  53. 	 * @return ISession
    54. 

  54. 	 */
    55. 

  55. 	private function getSession() {
    56. 

  56. 		$callback = $this->sessionCallback;
    57. 

  57. 		return $callback();
    58. 

  58. 	}
    59. 

  59. 

  60. 	private function getScopeAsArray() {
    61. 

  61. 		if (!$this->scope) {
    62. 

  62. 			$session = $this->getSession();
    63. 

  63. 			$sessionScope = $session->get('token_scope');
    64. 

  64. 			if ($sessionScope) {
    65. 

  65. 				$this->scope = $sessionScope;
    66. 

  66. 			}
    67. 

  67. 		}
    68. 

  68. 		return $this->scope;
    69. 

  69. 	}
    70. 

  70. 

  71. 	public function setToken(IToken $token) {
    72. 

  72. 		$this->scope = $token->getScopeAsArray();
    73. 

  73. 		$session = $this->getSession();
    74. 

  74. 		$session->set('token_scope', $this->scope);
    75. 

  75. 		$this->enable();
    76. 

  76. 	}
    77. 

  77. 

  78. 	public function canAccessFilesystem() {
    79. 

  79. 		$scope = $this->getScopeAsArray();
    80. 

  80. 		return !$scope || $scope['filesystem'];
    81. 

  81. 	}
    82. 

  82. }
    83.