json.php 5.8 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Bart Visscher <bartv@thisnet.nl>
  6. * @author Bernhard Posselt <dev@bernhard-posselt.com>
  7. * @author Christoph Wurst <christoph@owncloud.com>
  8. * @author Felix Moeller <mail@felixmoeller.de>
  9. * @author Georg Ehrke <georg@owncloud.com>
  10. * @author Lukas Reschke <lukas@statuscode.ch>
  11. * @author Morris Jobke <hey@morrisjobke.de>
  12. * @author Robin Appelman <robin@icewind.nl>
  13. * @author Thomas Müller <thomas.mueller@tmit.eu>
  14. * @author Thomas Tanghus <thomas@tanghus.net>
  15. * @author Vincent Petry <pvince81@owncloud.com>
  16. *
  17. * @license AGPL-3.0
  18. *
  19. * This code is free software: you can redistribute it and/or modify
  20. * it under the terms of the GNU Affero General Public License, version 3,
  21. * as published by the Free Software Foundation.
  22. *
  23. * This program is distributed in the hope that it will be useful,
  24. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  25. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  26. * GNU Affero General Public License for more details.
  27. *
  28. * You should have received a copy of the GNU Affero General Public License, version 3,
  29. * along with this program. If not, see <http://www.gnu.org/licenses/>
  30. *
  31. */
  32. /**
  33. * Class OC_JSON
  34. * @deprecated Use a AppFramework JSONResponse instead
  35. */
  36. class OC_JSON{
  37. static protected $send_content_type_header = false;
  38. /**
  39. * set Content-Type header to jsonrequest
  40. * @deprecated Use a AppFramework JSONResponse instead
  41. */
  42. public static function setContentTypeHeader($type='application/json') {
  43. if (!self::$send_content_type_header) {
  44. // We send json data
  45. header( 'Content-Type: '.$type . '; charset=utf-8');
  46. self::$send_content_type_header = true;
  47. }
  48. }
  49. /**
  50. * Check if the app is enabled, send json error msg if not
  51. * @param string $app
  52. * @deprecated Use the AppFramework instead. It will automatically check if the app is enabled.
  53. */
  54. public static function checkAppEnabled($app) {
  55. if( !OC_App::isEnabled($app)) {
  56. $l = \OC::$server->getL10N('lib');
  57. self::error(array( 'data' => array( 'message' => $l->t('Application is not enabled'), 'error' => 'application_not_enabled' )));
  58. exit();
  59. }
  60. }
  61. /**
  62. * Check if the user is logged in, send json error msg if not
  63. * @deprecated Use annotation based ACLs from the AppFramework instead
  64. */
  65. public static function checkLoggedIn() {
  66. $twoFactorAuthManger = \OC::$server->getTwoFactorAuthManager();
  67. if( !\OC::$server->getUserSession()->isLoggedIn()
  68. || $twoFactorAuthManger->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
  69. $l = \OC::$server->getL10N('lib');
  70. http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
  71. self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' )));
  72. exit();
  73. }
  74. }
  75. /**
  76. * Check an ajax get/post call if the request token is valid, send json error msg if not.
  77. * @deprecated Use annotation based CSRF checks from the AppFramework instead
  78. */
  79. public static function callCheck() {
  80. if(!\OC::$server->getRequest()->passesStrictCookieCheck()) {
  81. header('Location: '.\OC::$WEBROOT);
  82. exit();
  83. }
  84. if( !(\OC::$server->getRequest()->passesCSRFCheck())) {
  85. $l = \OC::$server->getL10N('lib');
  86. self::error(array( 'data' => array( 'message' => $l->t('Token expired. Please reload page.'), 'error' => 'token_expired' )));
  87. exit();
  88. }
  89. }
  90. /**
  91. * Check if the user is a admin, send json error msg if not.
  92. * @deprecated Use annotation based ACLs from the AppFramework instead
  93. */
  94. public static function checkAdminUser() {
  95. if( !OC_User::isAdminUser(OC_User::getUser())) {
  96. $l = \OC::$server->getL10N('lib');
  97. self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' )));
  98. exit();
  99. }
  100. }
  101. /**
  102. * Check is a given user exists - send json error msg if not
  103. * @param string $user
  104. * @deprecated Use a AppFramework JSONResponse instead
  105. */
  106. public static function checkUserExists($user) {
  107. if (!OCP\User::userExists($user)) {
  108. $l = \OC::$server->getL10N('lib');
  109. OCP\JSON::error(array('data' => array('message' => $l->t('Unknown user'), 'error' => 'unknown_user' )));
  110. exit;
  111. }
  112. }
  113. /**
  114. * Check if the user is a subadmin, send json error msg if not
  115. * @deprecated Use annotation based ACLs from the AppFramework instead
  116. */
  117. public static function checkSubAdminUser() {
  118. $userObject = \OC::$server->getUserSession()->getUser();
  119. $isSubAdmin = false;
  120. if($userObject !== null) {
  121. $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
  122. }
  123. if(!$isSubAdmin) {
  124. $l = \OC::$server->getL10N('lib');
  125. self::error(array( 'data' => array( 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' )));
  126. exit();
  127. }
  128. }
  129. /**
  130. * Send json error msg
  131. * @deprecated Use a AppFramework JSONResponse instead
  132. */
  133. public static function error($data = array()) {
  134. $data['status'] = 'error';
  135. self::encodedPrint($data);
  136. }
  137. /**
  138. * Send json success msg
  139. * @deprecated Use a AppFramework JSONResponse instead
  140. */
  141. public static function success($data = array()) {
  142. $data['status'] = 'success';
  143. self::encodedPrint($data);
  144. }
  145. /**
  146. * Convert OC_L10N_String to string, for use in json encodings
  147. */
  148. protected static function to_string(&$value) {
  149. if ($value instanceof OC_L10N_String) {
  150. $value = (string)$value;
  151. }
  152. }
  153. /**
  154. * Encode and print $data in json format
  155. * @deprecated Use a AppFramework JSONResponse instead
  156. */
  157. public static function encodedPrint($data, $setContentType=true) {
  158. if($setContentType) {
  159. self::setContentTypeHeader();
  160. }
  161. echo self::encode($data);
  162. }
  163. /**
  164. * Encode JSON
  165. * @deprecated Use a AppFramework JSONResponse instead
  166. */
  167. public static function encode($data) {
  168. if (is_array($data)) {
  169. array_walk_recursive($data, array('OC_JSON', 'to_string'));
  170. }
  171. return json_encode($data, JSON_HEX_TAG);
  172. }
  173. }