1234567891011121314151617181920212223242526272829303132333435363738394041424344454647484950515253545556575859606162636465666768697071727374757677787980818283 |
- <?php
- /**
- * @copyright Copyright (c) 2016, Robin Appelman <robin@icewind.nl>
- *
- * @author Robin Appelman <robin@icewind.nl>
- *
- * @license GNU AGPL version 3 or any later version
- *
- * This program is free software: you can redistribute it and/or modify
- * it under the terms of the GNU Affero General Public License as
- * published by the Free Software Foundation, either version 3 of the
- * License, or (at your option) any later version.
- *
- * This program is distributed in the hope that it will be useful,
- * but WITHOUT ANY WARRANTY; without even the implied warranty of
- * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
- * GNU Affero General Public License for more details.
- *
- * You should have received a copy of the GNU Affero General Public License
- * along with this program. If not, see <http://www.gnu.org/licenses/>.
- *
- */
- namespace OC\Lockdown;
- use OC\Authentication\Token\IToken;
- use OCP\ISession;
- use OCP\Lockdown\ILockdownManager;
- class LockdownManager implements ILockdownManager {
- /** @var ISession */
- private $sessionCallback;
- private $enabled = false;
- /** @var array|null */
- private $scope;
- /**
- * LockdownManager constructor.
- *
- * @param callable $sessionCallback we need to inject the session lazily to avoid dependency loops
- */
- public function __construct(callable $sessionCallback) {
- $this->sessionCallback = $sessionCallback;
- }
- public function enable() {
- $this->enabled = true;
- }
- /**
- * @return ISession
- */
- private function getSession() {
- $callback = $this->sessionCallback;
- return $callback();
- }
- private function getScopeAsArray() {
- if (!$this->scope) {
- $session = $this->getSession();
- $sessionScope = $session->get('token_scope');
- if ($sessionScope) {
- $this->scope = $sessionScope;
- }
- }
- return $this->scope;
- }
- public function setToken(IToken $token) {
- $this->scope = $token->getScopeAsArray();
- $session = $this->getSession();
- $session->set('token_scope', $this->scope);
- $this->enable();
- }
- public function canAccessFilesystem() {
- $scope = $this->getScopeAsArray();
- return !$scope || $scope['filesystem'];
- }
- }
|