OC_JSON.php 4.2 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Bart Visscher <bartv@thisnet.nl>
  6. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  7. * @author Lukas Reschke <lukas@statuscode.ch>
  8. * @author Morris Jobke <hey@morrisjobke.de>
  9. * @author Robin Appelman <robin@icewind.nl>
  10. * @author Roeland Jago Douma <roeland@famdouma.nl>
  11. * @author Thomas Müller <thomas.mueller@tmit.eu>
  12. * @author Thomas Tanghus <thomas@tanghus.net>
  13. * @author Vincent Petry <vincent@nextcloud.com>
  14. *
  15. * @license AGPL-3.0
  16. *
  17. * This code is free software: you can redistribute it and/or modify
  18. * it under the terms of the GNU Affero General Public License, version 3,
  19. * as published by the Free Software Foundation.
  20. *
  21. * This program is distributed in the hope that it will be useful,
  22. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  23. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  24. * GNU Affero General Public License for more details.
  25. *
  26. * You should have received a copy of the GNU Affero General Public License, version 3,
  27. * along with this program. If not, see <http://www.gnu.org/licenses/>
  28. *
  29. */
  30. use OC\Authentication\TwoFactorAuth\Manager as TwoFactorAuthManager;
  31. class OC_JSON {
  32. /**
  33. * Check if the app is enabled, send json error msg if not
  34. * @param string $app
  35. * @deprecated Use the AppFramework instead. It will automatically check if the app is enabled.
  36. * @suppress PhanDeprecatedFunction
  37. */
  38. public static function checkAppEnabled($app) {
  39. if (!\OC::$server->getAppManager()->isEnabledForUser($app)) {
  40. $l = \OC::$server->getL10N('lib');
  41. self::error([ 'data' => [ 'message' => $l->t('Application is not enabled'), 'error' => 'application_not_enabled' ]]);
  42. exit();
  43. }
  44. }
  45. /**
  46. * Check if the user is logged in, send json error msg if not
  47. * @deprecated Use annotation based ACLs from the AppFramework instead
  48. * @suppress PhanDeprecatedFunction
  49. */
  50. public static function checkLoggedIn() {
  51. $twoFactorAuthManger = \OC::$server->get(TwoFactorAuthManager::class);
  52. if (!\OC::$server->getUserSession()->isLoggedIn()
  53. || $twoFactorAuthManger->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
  54. $l = \OC::$server->getL10N('lib');
  55. http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
  56. self::error([ 'data' => [ 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ]]);
  57. exit();
  58. }
  59. }
  60. /**
  61. * Check an ajax get/post call if the request token is valid, send json error msg if not.
  62. * @deprecated Use annotation based CSRF checks from the AppFramework instead
  63. * @suppress PhanDeprecatedFunction
  64. */
  65. public static function callCheck() {
  66. if (!\OC::$server->getRequest()->passesStrictCookieCheck()) {
  67. header('Location: '.\OC::$WEBROOT);
  68. exit();
  69. }
  70. if (!\OC::$server->getRequest()->passesCSRFCheck()) {
  71. $l = \OC::$server->getL10N('lib');
  72. self::error([ 'data' => [ 'message' => $l->t('Token expired. Please reload page.'), 'error' => 'token_expired' ]]);
  73. exit();
  74. }
  75. }
  76. /**
  77. * Check if the user is a admin, send json error msg if not.
  78. * @deprecated Use annotation based ACLs from the AppFramework instead
  79. * @suppress PhanDeprecatedFunction
  80. */
  81. public static function checkAdminUser() {
  82. if (!OC_User::isAdminUser(OC_User::getUser())) {
  83. $l = \OC::$server->getL10N('lib');
  84. self::error([ 'data' => [ 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ]]);
  85. exit();
  86. }
  87. }
  88. /**
  89. * Send json error msg
  90. * @deprecated Use a AppFramework JSONResponse instead
  91. * @suppress PhanDeprecatedFunction
  92. * @psalm-taint-escape html
  93. */
  94. public static function error($data = []) {
  95. $data['status'] = 'error';
  96. header('Content-Type: application/json; charset=utf-8');
  97. echo self::encode($data);
  98. }
  99. /**
  100. * Send json success msg
  101. * @deprecated Use a AppFramework JSONResponse instead
  102. * @suppress PhanDeprecatedFunction
  103. * @psalm-taint-escape html
  104. */
  105. public static function success($data = []) {
  106. $data['status'] = 'success';
  107. header('Content-Type: application/json; charset=utf-8');
  108. echo self::encode($data);
  109. }
  110. /**
  111. * Encode JSON
  112. * @deprecated Use a AppFramework JSONResponse instead
  113. */
  114. private static function encode($data) {
  115. return json_encode($data, JSON_HEX_TAG);
  116. }
  117. }