OC_JSON.php 4.4 KB

123456789101112131415161718192021222324252627282930313233343536373839404142434445464748495051525354555657585960616263646566676869707172737475767778798081828384858687888990919293949596979899100101102103104105106107108109110111112113114115116117118119120121122123124125126127128129130131132133134135
  1. <?php
  2. /**
  3. * @copyright Copyright (c) 2016, ownCloud, Inc.
  4. *
  5. * @author Bart Visscher <bartv@thisnet.nl>
  6. * @author Christoph Wurst <christoph@winzerhof-wurst.at>
  7. * @author Lukas Reschke <lukas@statuscode.ch>
  8. * @author Morris Jobke <hey@morrisjobke.de>
  9. * @author Robin Appelman <robin@icewind.nl>
  10. * @author Roeland Jago Douma <roeland@famdouma.nl>
  11. * @author Thomas Müller <thomas.mueller@tmit.eu>
  12. * @author Thomas Tanghus <thomas@tanghus.net>
  13. * @author Vincent Petry <vincent@nextcloud.com>
  14. *
  15. * @license AGPL-3.0
  16. *
  17. * This code is free software: you can redistribute it and/or modify
  18. * it under the terms of the GNU Affero General Public License, version 3,
  19. * as published by the Free Software Foundation.
  20. *
  21. * This program is distributed in the hope that it will be useful,
  22. * but WITHOUT ANY WARRANTY; without even the implied warranty of
  23. * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the
  24. * GNU Affero General Public License for more details.
  25. *
  26. * You should have received a copy of the GNU Affero General Public License, version 3,
  27. * along with this program. If not, see <http://www.gnu.org/licenses/>
  28. *
  29. */
  30. class OC_JSON {
  31. /**
  32. * Check if the app is enabled, send json error msg if not
  33. * @param string $app
  34. * @deprecated Use the AppFramework instead. It will automatically check if the app is enabled.
  35. * @suppress PhanDeprecatedFunction
  36. */
  37. public static function checkAppEnabled($app) {
  38. if (!\OC::$server->getAppManager()->isEnabledForUser($app)) {
  39. $l = \OC::$server->getL10N('lib');
  40. self::error([ 'data' => [ 'message' => $l->t('Application is not enabled'), 'error' => 'application_not_enabled' ]]);
  41. exit();
  42. }
  43. }
  44. /**
  45. * Check if the user is logged in, send json error msg if not
  46. * @deprecated Use annotation based ACLs from the AppFramework instead
  47. * @suppress PhanDeprecatedFunction
  48. */
  49. public static function checkLoggedIn() {
  50. $twoFactorAuthManger = \OC::$server->getTwoFactorAuthManager();
  51. if (!\OC::$server->getUserSession()->isLoggedIn()
  52. || $twoFactorAuthManger->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
  53. $l = \OC::$server->getL10N('lib');
  54. http_response_code(\OCP\AppFramework\Http::STATUS_UNAUTHORIZED);
  55. self::error([ 'data' => [ 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ]]);
  56. exit();
  57. }
  58. }
  59. /**
  60. * Check an ajax get/post call if the request token is valid, send json error msg if not.
  61. * @deprecated Use annotation based CSRF checks from the AppFramework instead
  62. * @suppress PhanDeprecatedFunction
  63. */
  64. public static function callCheck() {
  65. if (!\OC::$server->getRequest()->passesStrictCookieCheck()) {
  66. header('Location: '.\OC::$WEBROOT);
  67. exit();
  68. }
  69. if (!\OC::$server->getRequest()->passesCSRFCheck()) {
  70. $l = \OC::$server->getL10N('lib');
  71. self::error([ 'data' => [ 'message' => $l->t('Token expired. Please reload page.'), 'error' => 'token_expired' ]]);
  72. exit();
  73. }
  74. }
  75. /**
  76. * Check if the user is a admin, send json error msg if not.
  77. * @deprecated Use annotation based ACLs from the AppFramework instead
  78. * @suppress PhanDeprecatedFunction
  79. */
  80. public static function checkAdminUser() {
  81. if (!OC_User::isAdminUser(OC_User::getUser())) {
  82. $l = \OC::$server->getL10N('lib');
  83. self::error([ 'data' => [ 'message' => $l->t('Authentication error'), 'error' => 'authentication_error' ]]);
  84. exit();
  85. }
  86. }
  87. /**
  88. * Send json error msg
  89. * @deprecated Use a AppFramework JSONResponse instead
  90. * @suppress PhanDeprecatedFunction
  91. * @psalm-taint-escape html
  92. */
  93. public static function error($data = []) {
  94. $data['status'] = 'error';
  95. header('Content-Type: application/json; charset=utf-8');
  96. echo self::encode($data);
  97. }
  98. /**
  99. * Send json success msg
  100. * @deprecated Use a AppFramework JSONResponse instead
  101. * @suppress PhanDeprecatedFunction
  102. * @psalm-taint-escape html
  103. */
  104. public static function success($data = []) {
  105. $data['status'] = 'success';
  106. header('Content-Type: application/json; charset=utf-8');
  107. echo self::encode($data);
  108. }
  109. /**
  110. * Convert OC_L10N_String to string, for use in json encodings
  111. */
  112. protected static function to_string(&$value) {
  113. if ($value instanceof \OC\L10N\L10NString) {
  114. $value = (string)$value;
  115. }
  116. }
  117. /**
  118. * Encode JSON
  119. * @deprecated Use a AppFramework JSONResponse instead
  120. */
  121. public static function encode($data) {
  122. if (is_array($data)) {
  123. array_walk_recursive($data, ['OC_JSON', 'to_string']);
  124. }
  125. return json_encode($data, JSON_HEX_TAG);
  126. }
  127. }