SystemConfig.php 5.6 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135136137138139140141142143144145146147148149150151152153154155156157158159160161162163164165166167168169170171172173174175176177178179180181182183184185186187188189190191192193194195196197198199200201202203204205206207208209210211212213214215216217218219220221222223
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Daniel Kesselberg <mail@danielkesselberg.de>
  6. * @author Joas Schilling <coding@schilljs.com>
  7. * @author Johannes Schlichenmaier <johannes@schlichenmaier.info>
  8. * @author Lukas Reschke <lukas@statuscode.ch>
  9. * @author Morris Jobke <hey@morrisjobke.de>
  10. * @author Roeland Jago Douma <roeland@famdouma.nl>
  11. *
  12. * @license AGPL-3.0
  13. *
  14. * This code is free software: you can redistribute it and/or modify
  15. * it under the terms of the GNU Affero General Public License, version 3,
  16. * as published by the Free Software Foundation.
  17. *
  18. * This program is distributed in the hope that it will be useful,
  19. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  20. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  21. * GNU Affero General Public License for more details.
  22. *
  23. * You should have received a copy of the GNU Affero General Public License, version 3,
  24. * along with this program. If not, see <http://www.gnu.org/licenses/>
  25. *
  26. */
  27. namespace OC;
  28. use OCP\IConfig;
  29. /**
  30. * Class which provides access to the system config values stored in config.php
  31. * Internal class for bootstrap only.
  32. * fixes cyclic DI: AllConfig needs AppConfig needs Database needs AllConfig
  33. */
  34. class SystemConfig {
  35. /** @var array */
  36. protected $sensitiveValues = [
  37. 'instanceid' => true,
  38. 'datadirectory' => true,
  39. 'dbname' => true,
  40. 'dbhost' => true,
  41. 'dbpassword' => true,
  42. 'dbuser' => true,
  43. 'dbreplica' => true,
  44. 'activity_dbname' => true,
  45. 'activity_dbhost' => true,
  46. 'activity_dbpassword' => true,
  47. 'activity_dbuser' => true,
  48. 'mail_from_address' => true,
  49. 'mail_domain' => true,
  50. 'mail_smtphost' => true,
  51. 'mail_smtpname' => true,
  52. 'mail_smtppassword' => true,
  53. 'passwordsalt' => true,
  54. 'secret' => true,
  55. 'updater.secret' => true,
  56. 'updater.server.url' => true,
  57. 'trusted_proxies' => true,
  58. 'preview_imaginary_url' => true,
  59. 'preview_imaginary_key' => true,
  60. 'proxyuserpwd' => true,
  61. 'sentry.dsn' => true,
  62. 'sentry.public-dsn' => true,
  63. 'zammad.download.secret' => true,
  64. 'zammad.portal.secret' => true,
  65. 'zammad.secret' => true,
  66. 'github.client_id' => true,
  67. 'github.client_secret' => true,
  68. 'log.condition' => [
  69. 'shared_secret' => true,
  70. ],
  71. 'license-key' => true,
  72. 'redis' => [
  73. 'host' => true,
  74. 'password' => true,
  75. ],
  76. 'redis.cluster' => [
  77. 'seeds' => true,
  78. 'password' => true,
  79. ],
  80. 'objectstore' => [
  81. 'arguments' => [
  82. // Legacy Swift (https://github.com/nextcloud/server/pull/17696#discussion_r341302207)
  83. 'options' => [
  84. 'credentials' => [
  85. 'key' => true,
  86. 'secret' => true,
  87. ]
  88. ],
  89. // S3
  90. 'key' => true,
  91. 'secret' => true,
  92. // Swift v2
  93. 'username' => true,
  94. 'password' => true,
  95. // Swift v3
  96. 'user' => [
  97. 'name' => true,
  98. 'password' => true,
  99. ],
  100. ],
  101. ],
  102. 'objectstore_multibucket' => [
  103. 'arguments' => [
  104. 'options' => [
  105. 'credentials' => [
  106. 'key' => true,
  107. 'secret' => true,
  108. ]
  109. ],
  110. // S3
  111. 'key' => true,
  112. 'secret' => true,
  113. // Swift v2
  114. 'username' => true,
  115. 'password' => true,
  116. // Swift v3
  117. 'user' => [
  118. 'name' => true,
  119. 'password' => true,
  120. ],
  121. ],
  122. ],
  123. 'onlyoffice' => [
  124. 'jwt_secret' => true,
  125. ],
  126. 'PASS' => true,
  127. ];
  128. /** @var Config */
  129. private $config;
  130. public function __construct(Config $config) {
  131. $this->config = $config;
  132. }
  133. /**
  134. * Lists all available config keys
  135. * @return array an array of key names
  136. */
  137. public function getKeys() {
  138. return $this->config->getKeys();
  139. }
  140. /**
  141. * Sets a new system wide value
  142. *
  143. * @param string $key the key of the value, under which will be saved
  144. * @param mixed $value the value that should be stored
  145. */
  146. public function setValue($key, $value) {
  147. $this->config->setValue($key, $value);
  148. }
  149. /**
  150. * Sets and deletes values and writes the config.php
  151. *
  152. * @param array $configs Associative array with `key => value` pairs
  153. * If value is null, the config key will be deleted
  154. */
  155. public function setValues(array $configs) {
  156. $this->config->setValues($configs);
  157. }
  158. /**
  159. * Looks up a system wide defined value
  160. *
  161. * @param string $key the key of the value, under which it was saved
  162. * @param mixed $default the default value to be returned if the value isn't set
  163. * @return mixed the value or $default
  164. */
  165. public function getValue($key, $default = '') {
  166. return $this->config->getValue($key, $default);
  167. }
  168. /**
  169. * Looks up a system wide defined value and filters out sensitive data
  170. *
  171. * @param string $key the key of the value, under which it was saved
  172. * @param mixed $default the default value to be returned if the value isn't set
  173. * @return mixed the value or $default
  174. */
  175. public function getFilteredValue($key, $default = '') {
  176. $value = $this->getValue($key, $default);
  177. if (isset($this->sensitiveValues[$key])) {
  178. $value = $this->removeSensitiveValue($this->sensitiveValues[$key], $value);
  179. }
  180. return $value;
  181. }
  182. /**
  183. * Delete a system wide defined value
  184. *
  185. * @param string $key the key of the value, under which it was saved
  186. */
  187. public function deleteValue($key) {
  188. $this->config->deleteKey($key);
  189. }
  190. /**
  191. * @param bool|array $keysToRemove
  192. * @param mixed $value
  193. * @return mixed
  194. */
  195. protected function removeSensitiveValue($keysToRemove, $value) {
  196. if ($keysToRemove === true) {
  197. return IConfig::SENSITIVE_VALUE;
  198. }
  199. if (is_array($value)) {
  200. foreach ($keysToRemove as $keyToRemove => $valueToRemove) {
  201. if (isset($value[$keyToRemove])) {
  202. $value[$keyToRemove] = $this->removeSensitiveValue($valueToRemove, $value[$keyToRemove]);
  203. }
  204. }
  205. }
  206. return $value;
  207. }
  208. }