Skip to content

Commit df84233

Browse files
blizzzblizzz
authored
Merge pull request #1407 from nextcloud/backport/1406/stable0.8
[stable0.8] refactor: Extend Permission Middleware usage and replace deprecated annotations with attributes
2 parents eb4ff79 + fc5e463 commit df84233

17 files changed

+258
-330
lines changed

lib/Controller/Api1Controller.php

Lines changed: 128 additions & 149 deletions
Large diffs are not rendered by default.

lib/Controller/ApiColumnsController.php

Lines changed: 16 additions & 14 deletions
Original file line numberDiff line numberDiff line change
@@ -6,13 +6,16 @@
66
*/
77
namespace OCA\Tables\Controller;
88

9+
use OCA\Tables\AppInfo\Application;
910
use OCA\Tables\Dto\Column as ColumnDto;
1011
use OCA\Tables\Errors\InternalError;
1112
use OCA\Tables\Errors\NotFoundError;
1213
use OCA\Tables\Errors\PermissionError;
14+
use OCA\Tables\Middleware\Attribute\RequirePermission;
1315
use OCA\Tables\ResponseDefinitions;
1416
use OCA\Tables\Service\ColumnService;
1517
use OCP\AppFramework\Http;
18+
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
1619
use OCP\AppFramework\Http\DataResponse;
1720
use OCP\IL10N;
1821
use OCP\IRequest;
@@ -39,8 +42,6 @@ public function __construct(
3942
*
4043
* Return an empty array if no columns were found
4144
*
42-
* @NoAdminRequired
43-
*
4445
* @param int $nodeId Node ID
4546
* @param 'table'|'view' $nodeType Node type
4647
* @return DataResponse<Http::STATUS_OK, TablesColumn[], array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
@@ -49,6 +50,8 @@ public function __construct(
4950
* 403: No permissions
5051
* 404: Not found
5152
*/
53+
#[NoAdminRequired]
54+
#[RequirePermission(permission: Application::PERMISSION_READ)]
5255
public function index(int $nodeId, string $nodeType): DataResponse {
5356
try {
5457
if($nodeType === 'table') {
@@ -71,15 +74,14 @@ public function index(int $nodeId, string $nodeType): DataResponse {
7174
/**
7275
* [api v2] Get a column object
7376
*
74-
* @NoAdminRequired
75-
*
7677
* @param int $id Column ID
7778
* @return DataResponse<Http::STATUS_OK, TablesColumn, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
7879
*
7980
* 200: Column returned
8081
* 403: No permissions
8182
* 404: Not found
8283
*/
84+
#[NoAdminRequired]
8385
public function show(int $id): DataResponse {
8486
try {
8587
return new DataResponse($this->service->find($id)->jsonSerialize());
@@ -97,8 +99,6 @@ public function show(int $id): DataResponse {
9799
*
98100
* Specify a subtype to use any special numbered column
99101
*
100-
* @NoAdminRequired
101-
*
102102
* @param int $baseNodeId Context of the column creation
103103
* @param string $title Title
104104
* @param boolean $mandatory Is mandatory
@@ -121,6 +121,8 @@ public function show(int $id): DataResponse {
121121
* @throws NotFoundError
122122
* @throws PermissionError
123123
*/
124+
#[NoAdminRequired]
125+
#[RequirePermission(permission: Application::PERMISSION_MANAGE, typeParam: 'baseNodeType', idParam: 'baseNodeId')]
124126
public function createNumberColumn(int $baseNodeId, string $title, ?float $numberDefault, ?int $numberDecimals, ?string $numberPrefix, ?string $numberSuffix, ?float $numberMin, ?float $numberMax, ?string $subtype = null, ?string $description = null, ?array $selectedViewIds = [], bool $mandatory = false, string $baseNodeType = 'table'): DataResponse {
125127
$tableId = $baseNodeType === 'table' ? $baseNodeId : null;
126128
$viewId = $baseNodeType === 'view' ? $baseNodeId : null;
@@ -151,8 +153,6 @@ public function createNumberColumn(int $baseNodeId, string $title, ?float $numbe
151153
*
152154
* Specify a subtype to use any special text column
153155
*
154-
* @NoAdminRequired
155-
*
156156
* @param int $baseNodeId Context of the column creation
157157
* @param string $title Title
158158
* @param string|null $textDefault Default
@@ -172,6 +172,8 @@ public function createNumberColumn(int $baseNodeId, string $title, ?float $numbe
172172
* @throws NotFoundError
173173
* @throws PermissionError
174174
*/
175+
#[NoAdminRequired]
176+
#[RequirePermission(permission: Application::PERMISSION_MANAGE, typeParam: 'baseNodeType', idParam: 'baseNodeId')]
175177
public function createTextColumn(int $baseNodeId, string $title, ?string $textDefault, ?string $textAllowedPattern, ?int $textMaxLength, ?string $subtype = null, ?string $description = null, ?array $selectedViewIds = [], bool $mandatory = false, string $baseNodeType = 'table'): DataResponse {
176178
$tableId = $baseNodeType === 'table' ? $baseNodeId : null;
177179
$viewId = $baseNodeType === 'view' ? $baseNodeId : null;
@@ -199,8 +201,6 @@ public function createTextColumn(int $baseNodeId, string $title, ?string $textDe
199201
*
200202
* Specify a subtype to use any special selection column
201203
*
202-
* @NoAdminRequired
203-
*
204204
* @param int $baseNodeId Context of the column creation
205205
* @param string $title Title
206206
* @param string $selectionOptions Json array{id: int, label: string} with options that can be selected, eg [{"id": 1, "label": "first"},{"id": 2, "label": "second"}]
@@ -219,6 +219,8 @@ public function createTextColumn(int $baseNodeId, string $title, ?string $textDe
219219
* @throws NotFoundError
220220
* @throws PermissionError
221221
*/
222+
#[NoAdminRequired]
223+
#[RequirePermission(permission: Application::PERMISSION_MANAGE, typeParam: 'baseNodeType', idParam: 'baseNodeId')]
222224
public function createSelectionColumn(int $baseNodeId, string $title, string $selectionOptions, ?string $selectionDefault, ?string $subtype = null, ?string $description = null, ?array $selectedViewIds = [], bool $mandatory = false, string $baseNodeType = 'table'): DataResponse {
223225
$tableId = $baseNodeType === 'table' ? $baseNodeId : null;
224226
$viewId = $baseNodeType === 'view' ? $baseNodeId : null;
@@ -245,8 +247,6 @@ public function createSelectionColumn(int $baseNodeId, string $title, string $se
245247
*
246248
* Specify a subtype to use any special datetime column
247249
*
248-
* @NoAdminRequired
249-
*
250250
* @param int $baseNodeId Context of the column creation
251251
* @param string $title Title
252252
* @param 'today'|'now'|null $datetimeDefault For a subtype 'date' you can set 'today'. For a main type or subtype 'time' you can set to 'now'.
@@ -264,6 +264,8 @@ public function createSelectionColumn(int $baseNodeId, string $title, string $se
264264
* @throws NotFoundError
265265
* @throws PermissionError
266266
*/
267+
#[NoAdminRequired]
268+
#[RequirePermission(permission: Application::PERMISSION_MANAGE, typeParam: 'baseNodeType', idParam: 'baseNodeId')]
267269
public function createDatetimeColumn(int $baseNodeId, string $title, ?string $datetimeDefault, ?string $subtype = null, ?string $description = null, ?array $selectedViewIds = [], bool $mandatory = false, string $baseNodeType = 'table'): DataResponse {
268270
$tableId = $baseNodeType === 'table' ? $baseNodeId : null;
269271
$viewId = $baseNodeType === 'view' ? $baseNodeId : null;
@@ -287,8 +289,6 @@ public function createDatetimeColumn(int $baseNodeId, string $title, ?string $da
287289
/**
288290
* [api v2] Create new usergroup column
289291
*
290-
* @NoAdminRequired
291-
*
292292
* @param int $baseNodeId Context of the column creation
293293
* @param string $title Title
294294
* @param string|null $usergroupDefault Json array{id: string, type: int}, eg [{"id": "admin", "type": 0}, {"id": "user1", "type": 0}]
@@ -309,6 +309,8 @@ public function createDatetimeColumn(int $baseNodeId, string $title, ?string $da
309309
* @throws NotFoundError
310310
* @throws PermissionError
311311
*/
312+
#[NoAdminRequired]
313+
#[RequirePermission(permission: Application::PERMISSION_MANAGE, typeParam: 'baseNodeType', idParam: 'baseNodeId')]
312314
public function createUsergroupColumn(int $baseNodeId, string $title, ?string $usergroupDefault, bool $usergroupMultipleItems = null, bool $usergroupSelectUsers = null, bool $usergroupSelectGroups = null, bool $showUserStatus = null, string $description = null, ?array $selectedViewIds = [], bool $mandatory = false, string $baseNodeType = 'table'): DataResponse {
313315
$tableId = $baseNodeType === 'table' ? $baseNodeId : null;
314316
$viewId = $baseNodeType === 'view' ? $baseNodeId : null;

lib/Controller/ApiFavoriteController.php

Lines changed: 7 additions & 4 deletions
Original file line numberDiff line numberDiff line change
@@ -8,12 +8,15 @@
88
namespace OCA\Tables\Controller;
99

1010
use Exception;
11+
use OCA\Tables\AppInfo\Application;
1112
use OCA\Tables\Errors\InternalError;
1213
use OCA\Tables\Errors\NotFoundError;
1314
use OCA\Tables\Errors\PermissionError;
15+
use OCA\Tables\Middleware\Attribute\RequirePermission;
1416
use OCA\Tables\ResponseDefinitions;
1517
use OCA\Tables\Service\FavoritesService;
1618
use OCP\AppFramework\Http;
19+
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
1720
use OCP\AppFramework\Http\DataResponse;
1821
use OCP\DB\Exception as DBException;
1922
use OCP\IL10N;
@@ -39,8 +42,6 @@ public function __construct(
3942
/**
4043
* [api v2] Add a node (table or view) to user favorites
4144
*
42-
* @NoAdminRequired
43-
*
4445
* @param int $nodeType any Application::NODE_TYPE_* constant
4546
* @param int $nodeId identifier of the node
4647
* @return DataResponse<Http::STATUS_OK, array{}, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
@@ -49,6 +50,8 @@ public function __construct(
4950
* 403: No permissions
5051
* 404: Not found
5152
*/
53+
#[NoAdminRequired]
54+
#[RequirePermission(permission: Application::PERMISSION_READ)]
5255
public function create(int $nodeType, int $nodeId): DataResponse {
5356
try {
5457
$this->service->addFavorite($nodeType, $nodeId);
@@ -66,8 +69,6 @@ public function create(int $nodeType, int $nodeId): DataResponse {
6669
/**
6770
* [api v2] Remove a node (table or view) to from favorites
6871
*
69-
* @NoAdminRequired
70-
*
7172
* @param int $nodeType any Application::NODE_TYPE_* constant
7273
* @param int $nodeId identifier of the node
7374
* @return DataResponse<Http::STATUS_OK, array{}, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
@@ -76,6 +77,8 @@ public function create(int $nodeType, int $nodeId): DataResponse {
7677
* 403: No permissions
7778
* 404: Not found
7879
*/
80+
#[NoAdminRequired]
81+
#[RequirePermission(permission: Application::PERMISSION_READ)]
7982
public function destroy(int $nodeType, int $nodeId): DataResponse {
8083
try {
8184
$this->service->removeFavorite($nodeType, $nodeId);

lib/Controller/ApiGeneralController.php

Lines changed: 2 additions & 2 deletions
Original file line numberDiff line numberDiff line change
@@ -15,6 +15,7 @@
1515
use OCA\Tables\Service\TableService;
1616
use OCA\Tables\Service\ViewService;
1717
use OCP\AppFramework\Http;
18+
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
1819
use OCP\AppFramework\Http\DataResponse;
1920
use OCP\IL10N;
2021
use OCP\IRequest;
@@ -46,12 +47,11 @@ public function __construct(
4647
*
4748
* Tables and views incl. shares
4849
*
49-
* @NoAdminRequired
50-
*
5150
* @return DataResponse<Http::STATUS_OK, TablesIndex, array{}>|DataResponse<Http::STATUS_INTERNAL_SERVER_ERROR, array{message: string}, array{}>
5251
*
5352
* 200: Index returned
5453
*/
54+
#[NoAdminRequired]
5555
public function index(): DataResponse {
5656
try {
5757
$tables = $this->tableService->formatTables($this->tableService->findAll($this->userId));

lib/Controller/ApiTablesController.php

Lines changed: 15 additions & 16 deletions
Original file line numberDiff line numberDiff line change
@@ -8,16 +8,19 @@
88
namespace OCA\Tables\Controller;
99

1010
use Exception;
11+
use OCA\Tables\AppInfo\Application;
1112
use OCA\Tables\Dto\Column as ColumnDto;
1213
use OCA\Tables\Errors\InternalError;
1314
use OCA\Tables\Errors\NotFoundError;
1415
use OCA\Tables\Errors\PermissionError;
16+
use OCA\Tables\Middleware\Attribute\RequirePermission;
1517
use OCA\Tables\ResponseDefinitions;
1618
use OCA\Tables\Service\ColumnService;
1719
use OCA\Tables\Service\TableService;
1820
use OCA\Tables\Service\ViewService;
1921
use OCP\App\IAppManager;
2022
use OCP\AppFramework\Http;
23+
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
2124
use OCP\AppFramework\Http\DataResponse;
2225
use OCP\IDBConnection;
2326
use OCP\IL10N;
@@ -57,12 +60,11 @@ public function __construct(
5760
/**
5861
* [api v2] Returns all Tables
5962
*
60-
* @NoAdminRequired
61-
*
6263
* @return DataResponse<Http::STATUS_OK, TablesTable[], array{}>|DataResponse<Http::STATUS_INTERNAL_SERVER_ERROR, array{message: string}, array{}>
6364
*
6465
* 200: Tables returned
6566
*/
67+
#[NoAdminRequired]
6668
public function index(): DataResponse {
6769
try {
6870
return new DataResponse($this->service->formatTables($this->service->findAll($this->userId)));
@@ -74,15 +76,15 @@ public function index(): DataResponse {
7476
/**
7577
* [api v2] Get a table object
7678
*
77-
* @NoAdminRequired
78-
*
7979
* @param int $id Table ID
8080
* @return DataResponse<Http::STATUS_OK, TablesTable, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
8181
*
8282
* 200: Table returned
8383
* 403: No permissions
8484
* 404: Not found
8585
*/
86+
#[NoAdminRequired]
87+
#[RequirePermission(permission: Application::PERMISSION_READ, type: Application::NODE_TYPE_TABLE, idParam: 'id')]
8688
public function show(int $id): DataResponse {
8789
try {
8890
return new DataResponse($this->service->find($id)->jsonSerialize());
@@ -98,15 +100,15 @@ public function show(int $id): DataResponse {
98100
/**
99101
* [api v2] Get a table Scheme
100102
*
101-
* @NoAdminRequired
102-
*
103103
* @param int $id Table ID
104104
* @return DataResponse<Http::STATUS_OK, TablesTable, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
105105
*
106106
* 200: Scheme returned
107107
* 403: No permissions
108108
* 404: Not found
109109
*/
110+
#[NoAdminRequired]
111+
#[RequirePermission(permission: Application::PERMISSION_READ, type: Application::NODE_TYPE_TABLE, idParam: 'id')]
110112
public function showScheme(int $id): DataResponse {
111113
try {
112114
return new DataResponse($this->service->getScheme($id)->jsonSerialize());
@@ -120,8 +122,6 @@ public function showScheme(int $id): DataResponse {
120122
}
121123

122124
/**
123-
* @NoAdminRequired
124-
*
125125
* creates table from scheme
126126
*
127127
* @param string $title title of new table
@@ -133,6 +133,7 @@ public function showScheme(int $id): DataResponse {
133133
*
134134
* 200: Tables returned
135135
*/
136+
#[NoAdminRequired]
136137
public function createFromScheme(string $title, string $emoji, string $description, array $columns, array $views): DataResponse {
137138
try {
138139
$this->db->beginTransaction();
@@ -191,8 +192,6 @@ public function createFromScheme(string $title, string $emoji, string $descripti
191192
/**
192193
* [api v2] Create a new table and return it
193194
*
194-
* @NoAdminRequired
195-
*
196195
* @param string $title Title of the table
197196
* @param string|null $emoji Emoji for the table
198197
* @param string|null $description Description for the table
@@ -202,6 +201,7 @@ public function createFromScheme(string $title, string $emoji, string $descripti
202201
*
203202
* 200: Tables returned
204203
*/
204+
#[NoAdminRequired]
205205
public function create(string $title, ?string $emoji, ?string $description, string $template = 'custom'): DataResponse {
206206
try {
207207
return new DataResponse($this->service->create($title, $template, $emoji, $description)->jsonSerialize());
@@ -213,8 +213,6 @@ public function create(string $title, ?string $emoji, ?string $description, stri
213213
/**
214214
* [api v2] Update tables properties
215215
*
216-
* @NoAdminRequired
217-
*
218216
* @param int $id Table ID
219217
* @param string|null $title New table title
220218
* @param string|null $emoji New table emoji
@@ -226,6 +224,8 @@ public function create(string $title, ?string $emoji, ?string $description, stri
226224
* 403: No permissions
227225
* 404: Not found
228226
*/
227+
#[NoAdminRequired]
228+
#[RequirePermission(permission: Application::PERMISSION_MANAGE, type: Application::NODE_TYPE_TABLE, idParam: 'id')]
229229
public function update(int $id, ?string $title = null, ?string $emoji = null, ?string $description = null, ?bool $archived = null): DataResponse {
230230
try {
231231
return new DataResponse($this->service->update($id, $title, $emoji, $description, $archived, $this->userId)->jsonSerialize());
@@ -241,15 +241,15 @@ public function update(int $id, ?string $title = null, ?string $emoji = null, ?s
241241
/**
242242
* [api v2] Delete a table
243243
*
244-
* @NoAdminRequired
245-
*
246244
* @param int $id Table ID
247245
* @return DataResponse<Http::STATUS_OK, TablesTable, array{}>|DataResponse<Http::STATUS_FORBIDDEN|Http::STATUS_INTERNAL_SERVER_ERROR|Http::STATUS_NOT_FOUND, array{message: string}, array{}>
248246
*
249247
* 200: Deleted table returned
250248
* 403: No permissions
251249
* 404: Not found
252250
*/
251+
#[NoAdminRequired]
252+
#[RequirePermission(permission: Application::PERMISSION_MANAGE, type: Application::NODE_TYPE_TABLE, idParam: 'id')]
253253
public function destroy(int $id): DataResponse {
254254
try {
255255
return new DataResponse($this->service->delete($id)->jsonSerialize());
@@ -267,8 +267,6 @@ public function destroy(int $id): DataResponse {
267267
*
268268
* Transfer table from one user to another
269269
*
270-
* @NoAdminRequired
271-
*
272270
* @param int $id Table ID
273271
* @param string $newOwnerUserId New user ID
274272
*
@@ -278,6 +276,7 @@ public function destroy(int $id): DataResponse {
278276
* 403: No permissions
279277
* 404: Not found
280278
*/
279+
#[NoAdminRequired]
281280
public function transfer(int $id, string $newOwnerUserId): DataResponse {
282281
try {
283282
return new DataResponse($this->service->setOwner($id, $newOwnerUserId)->jsonSerialize());

0 commit comments

Comments
 (0)