Remove unused methods and constants from legacy OC_API
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
This commit is contained in:
parent
3655951dd7
commit
a1232f46ca
2 changed files with 0 additions and 392 deletions
|
@ -37,44 +37,10 @@ use OCP\AppFramework\Http;
|
|||
|
||||
class OC_API {
|
||||
|
||||
/**
|
||||
* API authentication levels
|
||||
*/
|
||||
|
||||
/** @deprecated Use \OCP\API::GUEST_AUTH instead */
|
||||
const GUEST_AUTH = 0;
|
||||
|
||||
/** @deprecated Use \OCP\API::USER_AUTH instead */
|
||||
const USER_AUTH = 1;
|
||||
|
||||
/** @deprecated Use \OCP\API::SUBADMIN_AUTH instead */
|
||||
const SUBADMIN_AUTH = 2;
|
||||
|
||||
/** @deprecated Use \OCP\API::ADMIN_AUTH instead */
|
||||
const ADMIN_AUTH = 3;
|
||||
|
||||
/**
|
||||
* API Response Codes
|
||||
*/
|
||||
|
||||
/** @deprecated Use \OCP\API::RESPOND_UNAUTHORISED instead */
|
||||
const RESPOND_UNAUTHORISED = 997;
|
||||
|
||||
/** @deprecated Use \OCP\API::RESPOND_SERVER_ERROR instead */
|
||||
const RESPOND_SERVER_ERROR = 996;
|
||||
|
||||
/** @deprecated Use \OCP\API::RESPOND_NOT_FOUND instead */
|
||||
const RESPOND_NOT_FOUND = 998;
|
||||
|
||||
/** @deprecated Use \OCP\API::RESPOND_UNKNOWN_ERROR instead */
|
||||
const RESPOND_UNKNOWN_ERROR = 999;
|
||||
|
||||
/**
|
||||
* api actions
|
||||
*/
|
||||
protected static $actions = array();
|
||||
private static $logoutRequired = false;
|
||||
private static $isLoggedIn = false;
|
||||
|
||||
/**
|
||||
* registers an api call
|
||||
|
@ -106,249 +72,6 @@ class OC_API {
|
|||
self::$actions[$name][] = array('app' => $app, 'action' => $action, 'authlevel' => $authLevel);
|
||||
}
|
||||
|
||||
/**
|
||||
* handles an api call
|
||||
* @param array $parameters
|
||||
*/
|
||||
public static function call($parameters) {
|
||||
$request = \OC::$server->getRequest();
|
||||
$method = $request->getMethod();
|
||||
|
||||
// Prepare the request variables
|
||||
if($method === 'PUT') {
|
||||
$parameters['_put'] = $request->getParams();
|
||||
} else if($method === 'DELETE') {
|
||||
$parameters['_delete'] = $request->getParams();
|
||||
}
|
||||
$name = $parameters['_route'];
|
||||
// Foreach registered action
|
||||
$responses = array();
|
||||
$appManager = \OC::$server->getAppManager();
|
||||
foreach(self::$actions[$name] as $action) {
|
||||
// Check authentication and availability
|
||||
if(!self::isAuthorised($action)) {
|
||||
$responses[] = array(
|
||||
'app' => $action['app'],
|
||||
'response' => new \OC\OCS\Result(null, API::RESPOND_UNAUTHORISED, 'Unauthorised'),
|
||||
'shipped' => $appManager->isShipped($action['app']),
|
||||
);
|
||||
continue;
|
||||
}
|
||||
if(!is_callable($action['action'])) {
|
||||
$responses[] = array(
|
||||
'app' => $action['app'],
|
||||
'response' => new \OC\OCS\Result(null, API::RESPOND_NOT_FOUND, 'Api method not found'),
|
||||
'shipped' => $appManager->isShipped($action['app']),
|
||||
);
|
||||
continue;
|
||||
}
|
||||
// Run the action
|
||||
$responses[] = array(
|
||||
'app' => $action['app'],
|
||||
'response' => call_user_func($action['action'], $parameters),
|
||||
'shipped' => $appManager->isShipped($action['app']),
|
||||
);
|
||||
}
|
||||
$response = self::mergeResponses($responses);
|
||||
$format = self::requestedFormat();
|
||||
if (self::$logoutRequired) {
|
||||
\OC::$server->getUserSession()->logout();
|
||||
}
|
||||
|
||||
self::respond($response, $format);
|
||||
}
|
||||
|
||||
/**
|
||||
* merge the returned result objects into one response
|
||||
* @param array $responses
|
||||
* @return \OC\OCS\Result
|
||||
*/
|
||||
public static function mergeResponses($responses) {
|
||||
// Sort into shipped and third-party
|
||||
$shipped = array(
|
||||
'succeeded' => array(),
|
||||
'failed' => array(),
|
||||
);
|
||||
$thirdparty = array(
|
||||
'succeeded' => array(),
|
||||
'failed' => array(),
|
||||
);
|
||||
|
||||
foreach($responses as $response) {
|
||||
if($response['shipped'] || ($response['app'] === 'core')) {
|
||||
if($response['response']->succeeded()) {
|
||||
$shipped['succeeded'][$response['app']] = $response;
|
||||
} else {
|
||||
$shipped['failed'][$response['app']] = $response;
|
||||
}
|
||||
} else {
|
||||
if($response['response']->succeeded()) {
|
||||
$thirdparty['succeeded'][$response['app']] = $response;
|
||||
} else {
|
||||
$thirdparty['failed'][$response['app']] = $response;
|
||||
}
|
||||
}
|
||||
}
|
||||
|
||||
// Remove any error responses if there is one shipped response that succeeded
|
||||
if(!empty($shipped['failed'])) {
|
||||
// Which shipped response do we use if they all failed?
|
||||
// They may have failed for different reasons (different status codes)
|
||||
// Which response code should we return?
|
||||
// Maybe any that are not \OCP\API::RESPOND_SERVER_ERROR
|
||||
// Merge failed responses if more than one
|
||||
$data = array();
|
||||
foreach($shipped['failed'] as $failure) {
|
||||
$data = array_merge_recursive($data, $failure['response']->getData());
|
||||
}
|
||||
$picked = reset($shipped['failed']);
|
||||
$code = $picked['response']->getStatusCode();
|
||||
$meta = $picked['response']->getMeta();
|
||||
$headers = $picked['response']->getHeaders();
|
||||
$response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
|
||||
return $response;
|
||||
} elseif(!empty($shipped['succeeded'])) {
|
||||
$responses = array_merge($shipped['succeeded'], $thirdparty['succeeded']);
|
||||
} elseif(!empty($thirdparty['failed'])) {
|
||||
// Merge failed responses if more than one
|
||||
$data = array();
|
||||
foreach($thirdparty['failed'] as $failure) {
|
||||
$data = array_merge_recursive($data, $failure['response']->getData());
|
||||
}
|
||||
$picked = reset($thirdparty['failed']);
|
||||
$code = $picked['response']->getStatusCode();
|
||||
$meta = $picked['response']->getMeta();
|
||||
$headers = $picked['response']->getHeaders();
|
||||
$response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
|
||||
return $response;
|
||||
} else {
|
||||
$responses = $thirdparty['succeeded'];
|
||||
}
|
||||
// Merge the successful responses
|
||||
$data = [];
|
||||
$codes = [];
|
||||
$header = [];
|
||||
|
||||
foreach($responses as $response) {
|
||||
if($response['shipped']) {
|
||||
$data = array_merge_recursive($response['response']->getData(), $data);
|
||||
} else {
|
||||
$data = array_merge_recursive($data, $response['response']->getData());
|
||||
}
|
||||
$header = array_merge_recursive($header, $response['response']->getHeaders());
|
||||
$codes[] = ['code' => $response['response']->getStatusCode(),
|
||||
'meta' => $response['response']->getMeta()];
|
||||
}
|
||||
|
||||
// Use any non 100 status codes
|
||||
$statusCode = 100;
|
||||
$statusMessage = null;
|
||||
foreach($codes as $code) {
|
||||
if($code['code'] != 100) {
|
||||
$statusCode = $code['code'];
|
||||
$statusMessage = $code['meta']['message'];
|
||||
break;
|
||||
}
|
||||
}
|
||||
|
||||
return new \OC\OCS\Result($data, $statusCode, $statusMessage, $header);
|
||||
}
|
||||
|
||||
/**
|
||||
* authenticate the api call
|
||||
* @param array $action the action details as supplied to OC_API::register()
|
||||
* @return bool
|
||||
*/
|
||||
private static function isAuthorised($action) {
|
||||
$level = $action['authlevel'];
|
||||
switch($level) {
|
||||
case API::GUEST_AUTH:
|
||||
// Anyone can access
|
||||
return true;
|
||||
case API::USER_AUTH:
|
||||
// User required
|
||||
return self::loginUser();
|
||||
case API::SUBADMIN_AUTH:
|
||||
// Check for subadmin
|
||||
$user = self::loginUser();
|
||||
if(!$user) {
|
||||
return false;
|
||||
} else {
|
||||
$userObject = \OC::$server->getUserSession()->getUser();
|
||||
if($userObject === null) {
|
||||
return false;
|
||||
}
|
||||
$isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
|
||||
$admin = OC_User::isAdminUser($user);
|
||||
if($isSubAdmin || $admin) {
|
||||
return true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
case API::ADMIN_AUTH:
|
||||
// Check for admin
|
||||
$user = self::loginUser();
|
||||
if(!$user) {
|
||||
return false;
|
||||
} else {
|
||||
return OC_User::isAdminUser($user);
|
||||
}
|
||||
default:
|
||||
// oops looks like invalid level supplied
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* http basic auth
|
||||
* @return string|false (username, or false on failure)
|
||||
*/
|
||||
private static function loginUser() {
|
||||
if(self::$isLoggedIn === true) {
|
||||
return \OC_User::getUser();
|
||||
}
|
||||
|
||||
// reuse existing login
|
||||
$loggedIn = \OC::$server->getUserSession()->isLoggedIn();
|
||||
if ($loggedIn === true) {
|
||||
if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
|
||||
// Do not allow access to OCS until the 2FA challenge was solved successfully
|
||||
return false;
|
||||
}
|
||||
$ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
|
||||
if ($ocsApiRequest) {
|
||||
|
||||
// initialize the user's filesystem
|
||||
\OC_Util::setupFS(\OC_User::getUser());
|
||||
self::$isLoggedIn = true;
|
||||
|
||||
return OC_User::getUser();
|
||||
}
|
||||
return false;
|
||||
}
|
||||
|
||||
// basic auth - because OC_User::login will create a new session we shall only try to login
|
||||
// if user and pass are set
|
||||
$userSession = \OC::$server->getUserSession();
|
||||
$request = \OC::$server->getRequest();
|
||||
try {
|
||||
if ($userSession->tryTokenLogin($request)
|
||||
|| $userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
|
||||
self::$logoutRequired = true;
|
||||
} else {
|
||||
return false;
|
||||
}
|
||||
// initialize the user's filesystem
|
||||
\OC_Util::setupFS(\OC_User::getUser());
|
||||
self::$isLoggedIn = true;
|
||||
|
||||
return \OC_User::getUser();
|
||||
} catch (\OC\User\LoginException $e) {
|
||||
return false;
|
||||
}
|
||||
}
|
||||
|
||||
/**
|
||||
* respond to a call
|
||||
* @param \OC\OCS\Result $result
|
||||
|
|
|
@ -83,119 +83,4 @@ class APITest extends \Test\TestCase {
|
|||
|
||||
$this->assertEquals($expected, $this->invokePrivate(new \OC_API, 'isV2', [$request]));
|
||||
}
|
||||
|
||||
function dataProviderTestOneResult() {
|
||||
return [
|
||||
[100, true],
|
||||
[101, false],
|
||||
[997, false],
|
||||
];
|
||||
}
|
||||
|
||||
/**
|
||||
* @dataProvider dataProviderTestOneResult
|
||||
*
|
||||
* @param $statusCode
|
||||
* @param $succeeded
|
||||
*/
|
||||
public function testOneResult($statusCode, $succeeded) {
|
||||
// Setup some data arrays
|
||||
$data1 = [
|
||||
'users' => [
|
||||
'tom' => [
|
||||
'key' => 'value',
|
||||
],
|
||||
'frank' => [
|
||||
'key' => 'value',
|
||||
],
|
||||
]];
|
||||
|
||||
// Test merging one success result
|
||||
$response = $this->buildResponse(true, $data1, $statusCode);
|
||||
$result = \OC_API::mergeResponses([$response]);
|
||||
$this->assertEquals($response['response'], $result);
|
||||
$this->checkResult($result, $succeeded);
|
||||
}
|
||||
|
||||
function dataProviderTestMergeResponses() {
|
||||
return [
|
||||
// Two shipped success results
|
||||
[true, 100, true, 100, true],
|
||||
// Two shipped results, one success and one failure
|
||||
[true, 100, true, 998, false],
|
||||
// Two shipped results, both failure
|
||||
[true, 997, true, 998, false],
|
||||
// Two third party success results
|
||||
[false, 100, false, 100, true],
|
||||
// Two third party results, one success and one failure
|
||||
[false, 100, false, 998, false],
|
||||
// Two third party results, both failure
|
||||
[false, 997, false, 998, false],
|
||||
// One of each, both success
|
||||
[false, 100, true, 100, true],
|
||||
[true, 100, false, 100, true],
|
||||
// One of each, both failure
|
||||
[false, 997, true, 998, false],
|
||||
// One of each, shipped success
|
||||
[false, 997, true, 100, true],
|
||||
// One of each, third party success
|
||||
[false, 100, true, 998, false],
|
||||
];
|
||||
}
|
||||
/**
|
||||
* @dataProvider dataProviderTestMergeResponses
|
||||
*
|
||||
* Test the merging of multiple responses
|
||||
* @param $statusCode1
|
||||
* @param $statusCode2
|
||||
* @param $succeeded
|
||||
*/
|
||||
public function testMultipleMergeResponses($shipped1, $statusCode1, $shipped2, $statusCode2, $succeeded){
|
||||
// Tests that app responses are merged correctly
|
||||
// Setup some data arrays
|
||||
$data1 = array(
|
||||
'users' => array(
|
||||
'tom' => array(
|
||||
'key' => 'value',
|
||||
),
|
||||
'frank' => array(
|
||||
'key' => 'value',
|
||||
),
|
||||
));
|
||||
|
||||
$data2 = array(
|
||||
'users' => array(
|
||||
'tom' => array(
|
||||
'key' => 'newvalue',
|
||||
),
|
||||
'jan' => array(
|
||||
'key' => 'value',
|
||||
),
|
||||
));
|
||||
|
||||
// Two shipped success results
|
||||
$result = \OC_API::mergeResponses(array(
|
||||
$this->buildResponse($shipped1, $data1, $statusCode1, "message1"),
|
||||
$this->buildResponse($shipped2, $data2, $statusCode2, "message2"),
|
||||
));
|
||||
$this->checkResult($result, $succeeded);
|
||||
$resultData = $result->getData();
|
||||
$resultMeta = $result->getMeta();
|
||||
$resultHeaders = $result->getHeaders();
|
||||
$resultStatusCode = $result->getStatusCode();
|
||||
|
||||
$this->assertArrayHasKey('jan', $resultData['users']);
|
||||
$this->assertArrayHasKey('KEY', $resultHeaders);
|
||||
|
||||
// check if the returned status message matches the selected status code
|
||||
if ($resultStatusCode === 997) {
|
||||
$this->assertEquals('message1', $resultMeta['message']);
|
||||
} elseif ($resultStatusCode === 998) {
|
||||
$this->assertEquals('message2', $resultMeta['message']);
|
||||
} elseif ($resultStatusCode === 100) {
|
||||
$this->assertEquals(null, $resultMeta['message']);
|
||||
}
|
||||
|
||||
}
|
||||
|
||||
}
|
||||
|
|
Loading…
Reference in a new issue