|
|
|
|
@ -48,7 +48,7 @@ class ShareInfoController extends ApiController { |
|
|
|
|
* @param IRequest $request |
|
|
|
|
* @param IManager $shareManager |
|
|
|
|
*/ |
|
|
|
|
public function __construct($appName, |
|
|
|
|
public function __construct(string $appName, |
|
|
|
|
IRequest $request, |
|
|
|
|
IManager $shareManager) { |
|
|
|
|
parent::__construct($appName, $request); |
|
|
|
|
@ -59,26 +59,32 @@ class ShareInfoController extends ApiController { |
|
|
|
|
/** |
|
|
|
|
* @PublicPage |
|
|
|
|
* @NoCSRFRequired |
|
|
|
|
* @BruteForceProtection(action=shareinfo) |
|
|
|
|
* |
|
|
|
|
* @param string $t |
|
|
|
|
* @param null $password |
|
|
|
|
* @param null $dir |
|
|
|
|
* @return JSONResponse |
|
|
|
|
* @throws ShareNotFound |
|
|
|
|
*/ |
|
|
|
|
public function info($t, $password = null, $dir = null) { |
|
|
|
|
try { |
|
|
|
|
$share = $this->shareManager->getShareByToken($t); |
|
|
|
|
} catch (ShareNotFound $e) { |
|
|
|
|
return new JSONResponse([], Http::STATUS_NOT_FOUND); |
|
|
|
|
$response = new JSONResponse([], Http::STATUS_NOT_FOUND); |
|
|
|
|
$response->throttle(['token' => $t]); |
|
|
|
|
return $response; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if ($share->getPassword() && !$this->shareManager->checkPassword($share, $password)) { |
|
|
|
|
return new JSONResponse([], Http::STATUS_FORBIDDEN); |
|
|
|
|
$response = new JSONResponse([], Http::STATUS_FORBIDDEN); |
|
|
|
|
$response->throttle(['token' => $t]); |
|
|
|
|
return $response; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
if (!($share->getPermissions() & Constants::PERMISSION_READ)) { |
|
|
|
|
return new JSONResponse([], Http::STATUS_FORBIDDEN); |
|
|
|
|
$response = new JSONResponse([], Http::STATUS_FORBIDDEN); |
|
|
|
|
$response->throttle(['token' => $t]); |
|
|
|
|
return $response; |
|
|
|
|
} |
|
|
|
|
|
|
|
|
|
$permissionMask = $share->getPermissions(); |
|
|
|
|
|
Roeland Jago Douma
5 years ago
committed by