PNG  IHDR;IDATxܻn0K )(pA 7LeG{ §㻢|ذaÆ 6lذaÆ 6lذaÆ 6lom$^yذag5bÆ 6lذaÆ 6lذa{ 6lذaÆ `}HFkm,mӪôô! x|'ܢ˟;E:9&ᶒ}{v]n&6 h_tڠ͵-ҫZ;Z$.Pkž)!o>}leQfJTu іچ\X=8Rن4`Vwl>nG^is"ms$ui?wbs[m6K4O.4%/bC%t Mז -lG6mrz2s%9s@-k9=)kB5\+͂Zsٲ Rn~GRC wIcIn7jJhۛNCS|j08yiHKֶۛkɈ+;SzL/F*\Ԕ#"5m2[S=gnaPeғL lذaÆ 6l^ḵaÆ 6lذaÆ 6lذa; _ذaÆ 6lذaÆ 6lذaÆ RIENDB` * * @copyright Copyright (c) 2020, ownCloud GmbH * @license AGPL-3.0 * * This code is free software: you can redistribute it and/or modify * it under the terms of the GNU Affero General Public License, version 3, * as published by the Free Software Foundation. * * This program is distributed in the hope that it will be useful, * but WITHOUT ANY WARRANTY; without even the implied warranty of * MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the * GNU Affero General Public License for more details. * * You should have received a copy of the GNU Affero General Public License, version 3, * along with this program. If not, see * */ namespace OC\Core\Controller; use OC\OCS\Result; use OCP\IDBConnection; use OCP\IRequest; use OCP\IUserManager; use OCP\IUserSession; /** * This class encapsulates all legacy OCS endpoints moved from lib/private/OCS */ class OcsController extends \OCP\AppFramework\OCSController { public const SELECT_MULTIPLE_STMT = 'SELECT `key`, `app`, `value` FROM `*PREFIX*privatedata` WHERE `user` = ? AND `app` = ? '; public const SELECT_SINGLE_STMT = 'SELECT `key`, `app`, `value` FROM `*PREFIX*privatedata` WHERE `user` = ? AND `app` = ? AND `key` = ? '; public const DELETE_STMT = 'DELETE FROM `*PREFIX*privatedata` WHERE `user` = ? AND `app` = ? AND `key` = ? '; /** @var IDBConnection */ private $dbConnection; /** @var IUserSession */ private $userSession; /** @var IUserManager */ private $userManager; /** * OccController constructor. * * @param string $appName * @param IRequest $request * @param IUserSession $userSession */ public function __construct( $appName, IRequest $request, IDBConnection $dbConnection, IUserSession $userSession, IUserManager $userManager ) { parent::__construct($appName, $request); $this->dbConnection = $dbConnection; $this->userSession = $userSession; $this->userManager = $userManager; } /** * @NoAdminRequired * @NoCSRFRequired * @PublicPage * * @return Result */ public function getConfig() { return new Result([ 'version' => '1.7', 'website' => 'ownCloud', 'host' => $this->request->getServerHost(), 'contact' => '', 'ssl' => 'false', ]); } /** * @NoAdminRequired * @PublicPage * * @param string $login * @param string $password * * @return Result */ public function checkPerson($login, $password) { if ($login && $password) { $user = $this->userManager->checkPassword($login, $password); if ($user !== false) { $xml = []; $xml['person']['personid'] = $user->getUID(); return new Result($xml); } else { return new Result(null, 102); } } else { return new Result(null, 101); } } /** * read keys * test: curl http://login:passwd@oc/core/ocs/v1.php/privatedata/getattribute * * @NoAdminRequired * * @return Result */ public function getDefaultAttributes() { return $this->getAttribute(''); } /** * read keys * test: curl http://login:passwd@oc/core/ocs/v1.php/privatedata/getattribute/testy * * @NoAdminRequired * * @param string $app * * @return Result */ public function getAppAttributes($app) { return $this->getAttribute($app); } /** * read keys * test: curl http://login:passwd@oc/core/ocs/v1.php/privatedata/getattribute/testy/123 * * @NoAdminRequired * * @param string $app * @param string|null $key * * @return Result */ public function getAttribute($app, $key = null) { $app = $this->escape($app); $user = $this->userSession->getUser()->getUID(); if ($key === null) { $q = $this->dbConnection->prepare(self::SELECT_MULTIPLE_STMT); $result = $q->execute([$user, $app]); } else { $key = $this->escape($key); $q = $this->dbConnection->prepare(self::SELECT_SINGLE_STMT); $result = $q->execute([$user, $app, $key]); } $xml = []; if ($result === true) { while ($row = $q->fetch()) { $data= []; $data['key']=$row['key']; $data['app']=$row['app']; $data['value']=$row['value']; $xml[] = $data; } } return new Result($xml); } /** * set a key * test: curl http://login:passwd@oc/core/ocs/v1.php/privatedata/setattribute/testy/123 --data "value=foobar" * * @NoAdminRequired * * @param string $app * @param string $key * * @return Result */ public function setAttribute($app, $key) { $app = $this->escape($app); $key = $this->escape($key); $user = $this->userSession->getUser()->getUID(); $value = $this->request->getParam('value'); $this->dbConnection->upsert( '*PREFIX*privatedata', [ 'value' => $value, 'user' => $user, 'app' => $app, 'key' => $key ], [ 'user', 'app', 'key' ] ); return new Result(null, 100); } /** * delete a key * test: curl http://login:passwd@oc/core/ocs/v1.php/privatedata/deleteattribute/testy/123 --data "post=1" * * @NoAdminRequired * * @param string $app * @param string $key * * @return Result */ public function deleteAttribute($app, $key) { $app = $this->escape($app); $key = $this->escape($key); $user = $this->userSession->getUser()->getUID(); // delete in DB $q = $this->dbConnection->prepare(self::DELETE_STMT); $q->execute([$user, $app, $key]); return new Result(null, 100); } /** * @param string $value * @return string */ private function escape($value) { return \addslashes(\strip_tags($value)); } }