ApiController.php 4.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155
  1. <?php
  2. declare(strict_types=1);
  3. /**
  4. * @copyright Copyright (c) 2016, ownCloud, Inc.
  5. *
  6. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  7. * @author Jesús Macias <jmacias@solidgear.es>
  8. * @author Joas Schilling <coding@schilljs.com>
  9. * @author Morris Jobke <hey@morrisjobke.de>
  10. * @author Roeland Jago Douma <roeland@famdouma.nl>
  11. * @author Vincent Petry <vincent@nextcloud.com>
  12. *
  13. * @license AGPL-3.0
  14. *
  15. * This code is free software: you can redistribute it and/or modify
  16. * it under the terms of the GNU Affero General Public License, version 3,
  17. * as published by the Free Software Foundation.
  18. *
  19. * This program is distributed in the hope that it will be useful,
  20. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  21. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  22. * GNU Affero General Public License for more details.
  23. *
  24. * You should have received a copy of the GNU Affero General Public License, version 3,
  25. * along with this program. If not, see <http://www.gnu.org/licenses/>
  26. *
  27. */
  28. namespace OCA\Files_External\Controller;
  29. use OCA\Files_External\Lib\StorageConfig;
  30. use OCA\Files_External\ResponseDefinitions;
  31. use OCA\Files_External\Service\UserGlobalStoragesService;
  32. use OCA\Files_External\Service\UserStoragesService;
  33. use OCP\AppFramework\Http;
  34. use OCP\AppFramework\Http\Attribute\IgnoreOpenAPI;
  35. use OCP\AppFramework\Http\DataResponse;
  36. use OCP\AppFramework\OCSController;
  37. use OCP\IRequest;
  38. /**
  39. * @psalm-import-type FilesExternalMount from ResponseDefinitions
  40. */
  41. class ApiController extends OCSController {
  42. private UserGlobalStoragesService $userGlobalStoragesService;
  43. private UserStoragesService $userStoragesService;
  44. public function __construct(
  45. string $appName,
  46. IRequest $request,
  47. UserGlobalStoragesService $userGlobalStorageService,
  48. UserStoragesService $userStorageService
  49. ) {
  50. parent::__construct($appName, $request);
  51. $this->userGlobalStoragesService = $userGlobalStorageService;
  52. $this->userStoragesService = $userStorageService;
  53. }
  54. /**
  55. * Formats the given mount config to a mount entry.
  56. *
  57. * @param string $mountPoint mount point name, relative to the data dir
  58. * @param StorageConfig $mountConfig mount config to format
  59. *
  60. * @return FilesExternalMount
  61. */
  62. private function formatMount(string $mountPoint, StorageConfig $mountConfig): array {
  63. // split path from mount point
  64. $path = \dirname($mountPoint);
  65. if ($path === '.' || $path === '/') {
  66. $path = '';
  67. }
  68. $isSystemMount = $mountConfig->getType() === StorageConfig::MOUNT_TYPE_ADMIN;
  69. $permissions = \OCP\Constants::PERMISSION_READ;
  70. // personal mounts can be deleted
  71. if (!$isSystemMount) {
  72. $permissions |= \OCP\Constants::PERMISSION_DELETE;
  73. }
  74. $entry = [
  75. 'id' => $mountConfig->getId(),
  76. 'type' => 'dir',
  77. 'name' => basename($mountPoint),
  78. 'path' => $path,
  79. 'permissions' => $permissions,
  80. 'scope' => $isSystemMount ? 'system' : 'personal',
  81. 'backend' => $mountConfig->getBackend()->getText(),
  82. 'class' => $mountConfig->getBackend()->getIdentifier(),
  83. 'config' => $mountConfig->jsonSerialize(true),
  84. ];
  85. return $entry;
  86. }
  87. /**
  88. * @NoAdminRequired
  89. *
  90. * Get the mount points visible for this user
  91. *
  92. * @return DataResponse<Http::STATUS_OK, FilesExternalMount[], array{}>
  93. *
  94. * 200: User mounts returned
  95. */
  96. public function getUserMounts(): DataResponse {
  97. $entries = [];
  98. $mountPoints = [];
  99. foreach ($this->userGlobalStoragesService->getStorages() as $storage) {
  100. $mountPoint = $storage->getMountPoint();
  101. $mountPoints[$mountPoint] = $storage;
  102. }
  103. foreach ($this->userStoragesService->getStorages() as $storage) {
  104. $mountPoint = $storage->getMountPoint();
  105. $mountPoints[$mountPoint] = $storage;
  106. }
  107. foreach ($mountPoints as $mountPoint => $mount) {
  108. $entries[] = $this->formatMount($mountPoint, $mount);
  109. }
  110. return new DataResponse($entries);
  111. }
  112. /**
  113. * @NoAdminRequired
  114. * @NoCSRFRequired
  115. *
  116. * Ask for credentials using a browser's native basic auth prompt
  117. * Then returns it if provided
  118. */
  119. #[IgnoreOpenAPI]
  120. public function askNativeAuth(): DataResponse {
  121. if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {
  122. $response = new DataResponse([], Http::STATUS_UNAUTHORIZED);
  123. $response->addHeader('WWW-Authenticate', 'Basic realm="Storage authentification needed"');
  124. return $response;
  125. }
  126. $user = $_SERVER['PHP_AUTH_USER'];
  127. $password = $_SERVER['PHP_AUTH_PW'];
  128. // Reset auth
  129. unset($_SERVER['PHP_AUTH_USER']);
  130. unset($_SERVER['PHP_AUTH_PW']);
  131. // Using 401 again to ensure we clear any cached Authorization
  132. return new DataResponse([
  133. 'user' => $user,
  134. 'password' => $password,
  135. ], Http::STATUS_UNAUTHORIZED);
  136. }
  137. }