open-dsi
/
nextcloud-server
mirror of https://github.com/nextcloud/server
1
0
Fork 0
Code Issues Projects Releases Wiki Activity

Add token name for delete activity

Browse Source 
Signed-off-by: Daniel Kesselberg <mail@danielkesselberg.de>
pull/13548/head
Daniel Kesselberg 7 years ago
parent f24fa2051d
commit 17b82c5d76
No known key found for this signature in database
GPG Key ID: 36E3664E099D0614
2 changed files with 31 additions and 10 deletions
Show all changes Ignore whitespace when comparing lines Ignore changes in amount of whitespace Ignore changes in whitespace at EOL
Show Stats Download Patch File Download Diff File
  1. 2
      settings/Activity/Provider.php
  2. 39
      settings/Controller/AuthSettingsController.php

2
settings/Activity/Provider.php
Unescape View File

@ -115,7 +115,7 @@ class Provider implements IProvider {
} else if ($event->getSubject() === self::APP_TOKEN_UPDATED) {
$subject = $this->l->t('You updated app password "%1$s"', $event->getSubjectParameters());
} else if ($event->getSubject() === self::APP_TOKEN_DELETED) {
$subject = $this->l->t('You deleted an app token');
$subject = $this->l->t('You deleted app password "%1$s"', $event->getSubjectParameters());
} else {
throw new \InvalidArgumentException();

39
settings/Controller/AuthSettingsController.php
Unescape View File

@ -154,7 +154,7 @@ class AuthSettingsController extends Controller {
$tokenData = $deviceToken->jsonSerialize();
$tokenData['canDelete'] = true;
$this->publishActivity(Provider::APP_TOKEN_CREATED, $deviceToken->getId(), $name);
$this->publishActivity(Provider::APP_TOKEN_CREATED, $deviceToken->getId(), $deviceToken->getName());
return new JSONResponse([
'token' => $token,
@ -191,11 +191,18 @@ class AuthSettingsController extends Controller {
* @NoAdminRequired
* @NoSubadminRequired
*
* @return array
* @param int $id
* @return array|JSONResponse
*/
public function destroy($id) {
$this->tokenProvider->invalidateTokenById($this->uid, $id);
$this->publishActivity(Provider::APP_TOKEN_DELETED, $id);
try {
$token = $this->findTokenByIdAndUser($id);
} catch (InvalidTokenException $e) {
return new JSONResponse([], Http::STATUS_NOT_FOUND);
}
$this->tokenProvider->invalidateTokenById($this->uid, $token->getId());
$this->publishActivity(Provider::APP_TOKEN_DELETED, $token->getId(), $token->getName());
return [];
}
@ -209,10 +216,7 @@ class AuthSettingsController extends Controller {
*/
public function update($id, array $scope) {
try {
$token = $this->tokenProvider->getTokenById((string)$id);
if ($token->getUID() !== $this->uid) {
throw new InvalidTokenException('User mismatch');
}
$token = $this->findTokenByIdAndUser($id);
} catch (InvalidTokenException $e) {
return new JSONResponse([], Http::STATUS_NOT_FOUND);
}
@ -220,8 +224,9 @@ class AuthSettingsController extends Controller {
$token->setScope([
'filesystem' => $scope['filesystem']
]);
$this->tokenProvider->updateToken($token);
$this->publishActivity(Provider::APP_TOKEN_UPDATED, $id, $token->getName());
$this->publishActivity(Provider::APP_TOKEN_UPDATED, $token->getId(), $token->getName());
return [];
}
@ -246,4 +251,20 @@ class AuthSettingsController extends Controller {
$this->logger->logException($e);
}
}
/**
* Find a token by given id and check if uid for current session belongs to this token
*
* @param int $id
* @return IToken
* @throws InvalidTokenException
* @throws \OC\Authentication\Exceptions\ExpiredTokenException
*/
private function findTokenByIdAndUser(int $id): IToken {
$token = $this->tokenProvider->getTokenById((string)$id);
if ($token->getUID() !== $this->uid) {
throw new InvalidTokenException('This token does not belong to you!');
}
return $token;
}
}

Write Preview
Loading…
Cancel
Save