AjaxController.php 3.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  6. * @author Lukas Reschke <lukas@statuscode.ch>
  7. * @author Martin Mattel <martin.mattel@diemattels.at>
  8. * @author Morris Jobke <hey@morrisjobke.de>
  9. * @author Robin Appelman <robin@icewind.nl>
  10. * @author Robin McCorkell <robin@mccorkell.me.uk>
  11. * @author Roeland Jago Douma <roeland@famdouma.nl>
  12. * @author Ross Nicoll <jrn@jrn.me.uk>
  13. *
  14. * @license AGPL-3.0
  15. *
  16. * This code is free software: you can redistribute it and/or modify
  17. * it under the terms of the GNU Affero General Public License, version 3,
  18. * as published by the Free Software Foundation.
  19. *
  20. * This program is distributed in the hope that it will be useful,
  21. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  22. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  23. * GNU Affero General Public License for more details.
  24. *
  25. * You should have received a copy of the GNU Affero General Public License, version 3,
  26. * along with this program. If not, see <http://www.gnu.org/licenses/>
  27. *
  28. */
  29. namespace OCA\Files_External\Controller;
  30. use OCA\Files_External\Lib\Auth\Password\GlobalAuth;
  31. use OCA\Files_External\Lib\Auth\PublicKey\RSA;
  32. use OCP\AppFramework\Controller;
  33. use OCP\AppFramework\Http\JSONResponse;
  34. use OCP\IGroupManager;
  35. use OCP\IRequest;
  36. use OCP\IUserSession;
  37. class AjaxController extends Controller {
  38. /** @var RSA */
  39. private $rsaMechanism;
  40. /** @var GlobalAuth */
  41. private $globalAuth;
  42. /** @var IUserSession */
  43. private $userSession;
  44. /** @var IGroupManager */
  45. private $groupManager;
  46. /**
  47. * @param string $appName
  48. * @param IRequest $request
  49. * @param RSA $rsaMechanism
  50. * @param GlobalAuth $globalAuth
  51. * @param IUserSession $userSession
  52. * @param IGroupManager $groupManager
  53. */
  54. public function __construct($appName,
  55. IRequest $request,
  56. RSA $rsaMechanism,
  57. GlobalAuth $globalAuth,
  58. IUserSession $userSession,
  59. IGroupManager $groupManager) {
  60. parent::__construct($appName, $request);
  61. $this->rsaMechanism = $rsaMechanism;
  62. $this->globalAuth = $globalAuth;
  63. $this->userSession = $userSession;
  64. $this->groupManager = $groupManager;
  65. }
  66. /**
  67. * @param int $keyLength
  68. * @return array
  69. */
  70. private function generateSshKeys($keyLength) {
  71. $key = $this->rsaMechanism->createKey($keyLength);
  72. // Replace the placeholder label with a more meaningful one
  73. $key['publickey'] = str_replace('phpseclib-generated-key', gethostname(), $key['publickey']);
  74. return $key;
  75. }
  76. /**
  77. * Generates an SSH public/private key pair.
  78. *
  79. * @NoAdminRequired
  80. * @param int $keyLength
  81. */
  82. public function getSshKeys($keyLength = 1024) {
  83. $key = $this->generateSshKeys($keyLength);
  84. return new JSONResponse(
  85. ['data' => [
  86. 'private_key' => $key['privatekey'],
  87. 'public_key' => $key['publickey']
  88. ],
  89. 'status' => 'success'
  90. ]);
  91. }
  92. /**
  93. * @NoAdminRequired
  94. *
  95. * @param string $uid
  96. * @param string $user
  97. * @param string $password
  98. * @return bool
  99. */
  100. public function saveGlobalCredentials($uid, $user, $password) {
  101. $currentUser = $this->userSession->getUser();
  102. if ($currentUser === null) {
  103. return false;
  104. }
  105. // Non-admins can only edit their own credentials
  106. // Admin can edit global credentials
  107. $allowedToEdit = $uid === ''
  108. ? $this->groupManager->isAdmin($currentUser->getUID())
  109. : $currentUser->getUID() === $uid;
  110. if ($allowedToEdit) {
  111. $this->globalAuth->saveAuth($uid, $user, $password);
  112. return true;
  113. }
  114. return false;
  115. }
  116. }