fixing SecurityMiddleware to use OC6 API

lib/private/appframework/dependencyinjection/dicontainer.php

@@ -35,6 +35,7 @@ use OC\AppFramework\Utility\TimeFactory;
 use OCP\AppFramework\IApi;
 use OCP\AppFramework\IAppContainer;
 use OCP\AppFramework\IMiddleWare;
+use OCP\AppFramework\Middleware;
 use OCP\IServerContainer;
 
 
@@ -86,7 +87,7 @@ class DIContainer extends SimpleContainer implements IAppContainer{
 		 * Middleware
 		 */
 		$this['SecurityMiddleware'] = $this->share(function($c){
-			return new SecurityMiddleware($c['API'], $c['Request']);
+			return new SecurityMiddleware($this, $c['Request']);
 		});
 
 		$this['MiddlewareDispatcher'] = $this->share(function($c){
@@ -129,10 +130,10 @@ class DIContainer extends SimpleContainer implements IAppContainer{
 	}
 
 	/**
-	 * @param IMiddleWare $middleWare
+	 * @param Middleware $middleWare
 	 * @return boolean
 	 */
-	function registerMiddleWare(IMiddleWare $middleWare) {
+	function registerMiddleWare(Middleware $middleWare) {
 		array_push($this->middleWares, $middleWare);
 	}
 
@@ -143,4 +144,49 @@ class DIContainer extends SimpleContainer implements IAppContainer{
 	function getAppName() {
 		return $this->query('AppName');
 	}
+
+	/**
+	 * @return boolean
+	 */
+	function isLoggedIn() {
+		return \OC_User::isLoggedIn();
+	}
+
+	/**
+	 * @return boolean
+	 */
+	function isAdminUser() {
+		$uid = $this->getUserId();
+		return \OC_User::isAdminUser($uid);
+	}
+
+	private function getUserId() {
+		return \OC::$session->get('user_id');
+	}
+
+	/**
+	 * @param $message
+	 * @param $level
+	 * @return mixed
+	 */
+	function log($message, $level) {
+		switch($level){
+			case 'debug':
+				$level = \OCP\Util::DEBUG;
+				break;
+			case 'info':
+				$level = \OCP\Util::INFO;
+				break;
+			case 'warn':
+				$level = \OCP\Util::WARN;
+				break;
+			case 'fatal':
+				$level = \OCP\Util::FATAL;
+				break;
+			default:
+				$level = \OCP\Util::ERROR;
+				break;
+		}
+		\OCP\Util::writeLog($this->getAppName(), $message, $level);
+	}
 }

lib/private/appframework/http/dispatcher.php

@@ -24,8 +24,8 @@
 
 namespace OC\AppFramework\Http;
 
-use \OC\AppFramework\Controller\Controller;
 use \OC\AppFramework\Middleware\MiddlewareDispatcher;
+use OCP\AppFramework\Controller\Controller;
 
 
 /**

lib/private/appframework/middleware/middlewaredispatcher.php

@@ -24,7 +24,7 @@
 
 namespace OC\AppFramework\Middleware;
 
-use OC\AppFramework\Controller\Controller;
+use OCP\AppFramework\Controller\Controller;
 use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\MiddleWare;
 

lib/private/appframework/middleware/security/securitymiddleware.php

@@ -24,15 +24,14 @@
 
 namespace OC\AppFramework\Middleware\Security;
 
-use OC\AppFramework\Controller\Controller;
 use OC\AppFramework\Http\Http;
-use OC\AppFramework\Http\Request;
 use OC\AppFramework\Http\RedirectResponse;
 use OC\AppFramework\Utility\MethodAnnotationReader;
-use OC\AppFramework\Core\API;
 use OCP\AppFramework\Middleware;
 use OCP\AppFramework\Http\Response;
 use OCP\AppFramework\Http\JSONResponse;
+use OCP\AppFramework\IAppContainer;
+use OCP\IRequest;
 
 
 /**
@@ -43,18 +42,22 @@ use OCP\AppFramework\Http\JSONResponse;
  */
 class SecurityMiddleware extends Middleware {
 
-	private $api;
+	/**
+	 * @var \OCP\AppFramework\IAppContainer
+	 */
+	private $app;
 
 	/**
-	 * @var \OC\AppFramework\Http\Request
+	 * @var \OCP\IRequest
 	 */
 	private $request;
 
 	/**
-	 * @param API $api an instance of the api
+	 * @param IAppContainer $app
+	 * @param IRequest $request
 	 */
-	public function __construct(API $api, Request $request){
-		$this->api = $api;
+	public function __construct(IAppContainer $app, IRequest $request){
+		$this->app = $app;
 		$this->request = $request;
 	}
 
@@ -74,24 +77,24 @@ class SecurityMiddleware extends Middleware {
 
 		// this will set the current navigation entry of the app, use this only
 		// for normal HTML requests and not for AJAX requests
-		$this->api->activateNavigationEntry();
+		$this->app->getServer()->getNavigationManager()->setActiveEntry($this->api->getAppName());
 
 		// security checks
 		$isPublicPage = $annotationReader->hasAnnotation('PublicPage');
 		if(!$isPublicPage) {
-			if(!$this->api->isLoggedIn()) {
+			if(!$this->app->isLoggedIn()) {
 				throw new SecurityException('Current user is not logged in', Http::STATUS_UNAUTHORIZED);
 			}
 
 			if(!$annotationReader->hasAnnotation('NoAdminRequired')) {
-				if(!$this->api->isAdminUser($this->api->getUserId())) {
+				if(!$this->app->isAdminUser()) {
 					throw new SecurityException('Logged in user must be an admin', Http::STATUS_FORBIDDEN);
 				}
 			}
 		}
 
 		if(!$annotationReader->hasAnnotation('NoCSRFRequired')) {
-			if(!$this->api->passesCSRFCheck()) {
+			if(!$this->request->passesCSRFCheck()) {
 				throw new SecurityException('CSRF check failed', Http::STATUS_PRECONDITION_FAILED);
 			}
 		}
@@ -118,12 +121,13 @@ class SecurityMiddleware extends Middleware {
 					array('message' => $exception->getMessage()),
 					$exception->getCode()
 				);
-				$this->api->log($exception->getMessage(), 'debug');
+				$this->app->log($exception->getMessage(), 'debug');
 			} else {
 
-				$url = $this->api->linkToAbsolute('index.php', ''); // TODO: replace with link to route
+				// TODO: replace with link to route
+				$url = $this->app->getServer()->getURLGenerator()->getAbsoluteURL('index.php');
 				$response = new RedirectResponse($url);
-				$this->api->log($exception->getMessage(), 'debug');
+				$this->app->log($exception->getMessage(), 'debug');
 			}
 
 			return $response;

lib/public/appframework/http/templateresponse.php

@@ -24,8 +24,6 @@
 
 namespace OCP\AppFramework\Http;
 
-use OC\AppFramework\Core\API;
-
 
 /**
  * Response for a normal template
@@ -34,20 +32,16 @@ class TemplateResponse extends Response {
 
 	protected $templateName;
 	protected $params;
-	protected $api;
 	protected $renderAs;
 	protected $appName;
 
 	/**
-	 * @param API $api an API instance
 	 * @param string $templateName the name of the template
-	 * @param string $appName optional if you want to include a template from
-	 *                        a different app
+	 * @param string $appName the name of the app to load the template from
 	 */
-	public function __construct(API $api, $templateName, $appName=null) {
+	public function __construct($appName, $templateName) {
 		$this->templateName = $templateName;
 		$this->appName = $appName;
-		$this->api = $api;
 		$this->params = array();
 		$this->renderAs = 'user';
 	}
@@ -108,13 +102,7 @@ class TemplateResponse extends Response {
 	 */
 	public function render(){
 
-		if($this->appName !== null){
-			$appName = $this->appName;
-		} else {
-			$appName = $this->api->getAppName();
-		}
-
-		$template = $this->api->getTemplate($this->templateName, $this->renderAs, $appName);
+		$template = new \OCP\Template($this->appName, $this->templateName, $this->renderAs);
 
 		foreach($this->params as $key => $value){
 			$template->assign($key, $value);

lib/public/appframework/iappcontainer.php

@@ -50,8 +50,26 @@ interface IAppContainer extends IContainer{
 	function getServer();
 
 	/**
-	 * @param IMiddleWare $middleWare
+	 * @param Middleware $middleWare
 	 * @return boolean
 	 */
-	function registerMiddleWare(IMiddleWare $middleWare);
+	function registerMiddleWare(Middleware $middleWare);
+
+	/**
+	 * @return boolean
+	 */
+	function isLoggedIn();
+
+	/**
+	 * @return boolean
+	 */
+	function isAdminUser();
+
+	/**
+	 * @param $message
+	 * @param $level
+	 * @return mixed
+	 */
+	function log($message, $level);
+
 }

lib/public/appframework/middleware.php

@@ -24,6 +24,7 @@
 
 namespace OCP\AppFramework;
 
+use OCP\AppFramework\Controller\Controller;
 use OCP\AppFramework\Http\Response;