Make use of session middleware in remaining controllers #4290

Merged
merged 6 commits into from
Jun 24, 2023
24 changes: 23 additions & 1 deletion appinfo/routes.php
Expand Up @@ -25,35 +25,57 @@

namespace OCA\Text\AppInfo;

use OCA\Text\Controller;

return [
'routes' => [
/** @see Controller\AttachmentController::insertAttachmentFile() */
['name' => 'Attachment#insertAttachmentFile', 'url' => '/attachment/filepath', 'verb' => 'POST'],
/** @see Controller\AttachmentController::uploadAttachment() */
['name' => 'Attachment#uploadAttachment', 'url' => '/attachment/upload', 'verb' => 'POST'],
/** @see Controller\AttachmentController::getImageFile() */
['name' => 'Attachment#getImageFile', 'url' => '/image', 'verb' => 'GET'],
/** @see Controller\AttachmentController::getMediaFile() */
['name' => 'Attachment#getMediaFile', 'url' => '/media', 'verb' => 'GET'],
/** @see Controller\AttachmentController::getMediaFilePreview() */
['name' => 'Attachment#getMediaFilePreview', 'url' => '/mediaPreview', 'verb' => 'GET'],
/** @see Controller\AttachmentController::getMediaFileMetadata() */
['name' => 'Attachment#getMediaFileMetadata', 'url' => '/mediaMetadata', 'verb' => 'GET'],

/** @see Controller\SessionController::create() */
['name' => 'Session#create', 'url' => '/session/create', 'verb' => 'PUT'],
/** @see Controller\SessionController::sync() */
['name' => 'Session#sync', 'url' => '/session/sync', 'verb' => 'POST'],
/** @see Controller\SessionController::push() */
['name' => 'Session#push', 'url' => '/session/push', 'verb' => 'POST'],
/** @see Controller\SessionController::close() */
['name' => 'Session#close', 'url' => '/session/close', 'verb' => 'POST'],
/** @see Controller\SessionController::mention() */
['name' => 'Session#mention', 'url' => '/session/mention', 'verb' => 'PUT'],

/** @see Controller\PublicSessionController::create() */
['name' => 'PublicSession#create', 'url' => '/public/session/create', 'verb' => 'PUT'],
/** @see Controller\PublicSessionController::updateSession() */
['name' => 'PublicSession#updateSession', 'url' => '/public/session', 'verb' => 'POST'],
/** @see Controller\PublicSessionController::sync() */
['name' => 'PublicSession#sync', 'url' => '/public/session/sync', 'verb' => 'POST'],
/** @see Controller\PublicSessionController::push() */
['name' => 'PublicSession#push', 'url' => '/public/session/push', 'verb' => 'POST'],

/** @see Controller\PublicSessionController::close() */
['name' => 'PublicSession#close', 'url' => '/public/session/close', 'verb' => 'POST'],

/** @see Controller\SettingsController::updateConfig() */
['name' => 'Settings#updateConfig', 'url' => '/settings', 'verb' => 'POST'],

/** @see Controller\UserApiController::index() */
['name' => 'UserApi#index', 'url' => '/api/v1/users', 'verb' => 'POST'],
],
'ocs' => [
/** @see Controller\WorkspaceController::folder() */
['name' => 'Workspace#folder', 'url' => '/workspace', 'verb' => 'GET'],
/** @see Controller\WorkspaceController::publicFolder() */
['name' => 'Workspace#publicFolder', 'url' => '/public/workspace', 'verb' => 'GET'],
/** @see Controller\WorkspaceController::direct() */
['name' => 'Workspace#direct', 'url' => '/workspace/direct', 'verb' => 'POST'],
]
];
3 changes: 2 additions & 1 deletion composer/composer/autoload_classmap.php
Expand Up @@ -9,12 +9,13 @@
'Composer\\InstalledVersions' => $vendorDir . '/composer/InstalledVersions.php',
'OCA\\Text\\AppInfo\\Application' => $baseDir . '/../lib/AppInfo/Application.php',
'OCA\\Text\\Command\\ResetDocument' => $baseDir . '/../lib/Command/ResetDocument.php',
'OCA\\Text\\Controller\\ASessionAwareController' => $baseDir . '/../lib/Controller/ASessionAwareController.php',
'OCA\\Text\\Controller\\AttachmentController' => $baseDir . '/../lib/Controller/AttachmentController.php',
'OCA\\Text\\Controller\\ISessionAwareController' => $baseDir . '/../lib/Controller/ISessionAwareController.php',
'OCA\\Text\\Controller\\NavigationController' => $baseDir . '/../lib/Controller/NavigationController.php',
'OCA\\Text\\Controller\\PublicSessionController' => $baseDir . '/../lib/Controller/PublicSessionController.php',
'OCA\\Text\\Controller\\SessionController' => $baseDir . '/../lib/Controller/SessionController.php',
'OCA\\Text\\Controller\\SettingsController' => $baseDir . '/../lib/Controller/SettingsController.php',
'OCA\\Text\\Controller\\TSessionAwareController' => $baseDir . '/../lib/Controller/TSessionAwareController.php',
'OCA\\Text\\Controller\\UserApiController' => $baseDir . '/../lib/Controller/UserApiController.php',
'OCA\\Text\\Controller\\WorkspaceController' => $baseDir . '/../lib/Controller/WorkspaceController.php',
'OCA\\Text\\Cron\\Cleanup' => $baseDir . '/../lib/Cron/Cleanup.php',
3 changes: 2 additions & 1 deletion composer/composer/autoload_static.php
Expand Up @@ -24,12 +24,13 @@ class ComposerStaticInitText
'Composer\\InstalledVersions' => __DIR__ . '/..' . '/composer/InstalledVersions.php',
'OCA\\Text\\AppInfo\\Application' => __DIR__ . '/..' . '/../lib/AppInfo/Application.php',
'OCA\\Text\\Command\\ResetDocument' => __DIR__ . '/..' . '/../lib/Command/ResetDocument.php',
'OCA\\Text\\Controller\\ASessionAwareController' => __DIR__ . '/..' . '/../lib/Controller/ASessionAwareController.php',
'OCA\\Text\\Controller\\AttachmentController' => __DIR__ . '/..' . '/../lib/Controller/AttachmentController.php',
'OCA\\Text\\Controller\\ISessionAwareController' => __DIR__ . '/..' . '/../lib/Controller/ISessionAwareController.php',
'OCA\\Text\\Controller\\NavigationController' => __DIR__ . '/..' . '/../lib/Controller/NavigationController.php',
'OCA\\Text\\Controller\\PublicSessionController' => __DIR__ . '/..' . '/../lib/Controller/PublicSessionController.php',
'OCA\\Text\\Controller\\SessionController' => __DIR__ . '/..' . '/../lib/Controller/SessionController.php',
'OCA\\Text\\Controller\\SettingsController' => __DIR__ . '/..' . '/../lib/Controller/SettingsController.php',
'OCA\\Text\\Controller\\TSessionAwareController' => __DIR__ . '/..' . '/../lib/Controller/TSessionAwareController.php',
'OCA\\Text\\Controller\\UserApiController' => __DIR__ . '/..' . '/../lib/Controller/UserApiController.php',
'OCA\\Text\\Controller\\WorkspaceController' => __DIR__ . '/..' . '/../lib/Controller/WorkspaceController.php',
'OCA\\Text\\Cron\\Cleanup' => __DIR__ . '/..' . '/../lib/Cron/Cleanup.php',
15 changes: 6 additions & 9 deletions cypress/e2e/api/UsersApi.spec.js
Expand Up @@ -55,6 +55,7 @@ describe('The user mention API', function() {
cy.wrap(connection)
.its('document.id')
.should('equal', fileId)

const requestData = {
method: 'POST',
url: '/apps/text/api/v1/users',
Expand All @@ -66,43 +67,39 @@ describe('The user mention API', function() {
},
failOnStatusCode: false,
}
const invalidRequestData = { ...requestData }

cy.request(requestData).then(({ status }) => {
expect(status).to.eq(200)
})

const invalidRequestData = { ...requestData }
cy.wrap(() => {
invalidRequestData.body = {
...requestData.body,
sessionToken: 'invalid',
}
})

cy.request(invalidRequestData).then(({ status }) => {
expect(status).to.eq(403)
})

cy.wrap(() => {
invalidRequestData.body = {
...requestData.body,
sessionId: 0,
}
})

cy.request(invalidRequestData).then(({ status }) => {
expect(status).to.eq(403)
})

cy.wrap(() => {
invalidRequestData.body = {
...requestData.body,
documentId: 0,
}
})

cy.request(invalidRequestData).then(({ status }) => {
expect(status).to.eq(403)
})

cy.wrap(connection.close())
cy.wrap(null).then(() => connection.close())

cy.request(requestData).then(({ status, body }) => {
expect(status).to.eq(403)
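Review bot: The 403 cases visible in this test cover an invalid `sessionToken`, `sessionId: 0` and `documentId: 0`, but none sends a valid session together with the id of a different existing document. If the session check for `/apps/text/api/v1/users` is now done by the shared middleware (presumably, given the PR title; that controller is not shown), a case such as `documentId: <id of another file>` expecting 403 would pin that the session is checked against the document it was created for, not just for existence. The test body continues outside the shown hunks, so this may already be covered further down.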
25 changes: 0 additions & 25 deletions lib/Controller/ASessionAwareController.php

This file was deleted.

4 changes: 3 additions & 1 deletion lib/Controller/AttachmentController.php
Expand Up @@ -29,6 +29,7 @@
use OCA\Text\Exception\UploadException;
use OCA\Text\Middleware\Attribute\RequireDocumentSession;
use OCA\Text\Service\AttachmentService;
use OCP\AppFramework\ApiController;
use OCP\AppFramework\Http;
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
use OCP\AppFramework\Http\Attribute\NoCSRFRequired;
Expand All @@ -42,7 +43,8 @@
use OCP\Util;
use Psr\Log\LoggerInterface;

class AttachmentController extends ASessionAwareController {
class AttachmentController extends ApiController implements ISessionAwareController {
use TSessionAwareController;
public const IMAGE_MIME_TYPES = [
'image/png',
'image/jpeg',
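Review bot: `use TSessionAwareController;` runs straight into `public const IMAGE_MIME_TYPES` with no blank line, while `PublicSessionController` in this same change leaves one after the trait import; adding the blank line keeps the two classes consistent. The class now extends `ApiController` directly and the deleted `ASessionAwareController` is not shown, so it is worth confirming that the effective parent class is unchanged and that no CORS-related behaviour is newly inherited. The class body continues outside the hunk.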
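--- a/lib/Controller/ISessionAwareController.php
+++ b/lib/Controller/ISessionAwareController.php
@@ -0,0 +1,13 @@
+<?php
+
+namespace OCA\Text\Controller;
+
+use OCA\Text\Db\Document;
+use OCA\Text\Db\Session;
+
+interface ISessionAwareController {
+public function getSession(): Session;
+public function setSession(Session $session): void;
+public function getDocument(): Document;
+public function setDocument(Document $document): void;
+}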
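Review bot: The interface has no docblock saying who calls `setSession()`/`setDocument()` or what `getSession()`/`getDocument()` do when nothing has been set. Both getters declare non-nullable return types, so a controller method that calls them on a route without `#[RequireDocumentSession]` presumably fails at runtime rather than returning null; the implementing trait `TSessionAwareController` is not shown here, so that is inferred. I would add a short docblock on the interface stating that the values are populated by the session middleware only for methods carrying `RequireDocumentSession`, and that the getters must not be called from any other method.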
62 changes: 31 additions & 31 deletions lib/Controller/PublicSessionController.php
Expand Up @@ -25,7 +25,10 @@

namespace OCA\Text\Controller;

use OCA\Text\Middleware\Attribute\RequireDocumentSession;
use OCA\Text\Service\ApiService;
use OCP\AppFramework\Http\Attribute\NoAdminRequired;
use OCP\AppFramework\Http\Attribute\PublicPage;
use OCP\AppFramework\Http\DataResponse;
use OCP\AppFramework\PublicShareController;
use OCP\IRequest;
Expand All @@ -34,15 +37,19 @@
use OCP\Share\IManager as ShareManager;
use OCP\Share\IShare;

class PublicSessionController extends PublicShareController {
private ShareManager $shareManager;
private ?IShare $share;
private ApiService $apiService;
class PublicSessionController extends PublicShareController implements ISessionAwareController {
use TSessionAwareController;

public function __construct(string $appName, IRequest $request, ISession $session, ShareManager $shareManager, ApiService $apiService) {
private IShare $share;

public function __construct(
string $appName,
IRequest $request,
ISession $session,
private ShareManager $shareManager,
private ApiService $apiService
) {
parent::__construct($appName, $request, $session);
$this->shareManager = $shareManager;
$this->apiService = $apiService;
}

protected function getPasswordHash(): string {
Expand All @@ -62,43 +69,36 @@ protected function isPasswordProtected(): bool {
return $this->share->getPassword() !== null;
}

/**
* @NoAdminRequired
* @PublicPage
*/
#[NoAdminRequired]
#[PublicPage]
public function create(string $token, string $file = null, $guestName = null): DataResponse {
return $this->apiService->create(null, $file, $token, $guestName);
}

/**
* @NoAdminRequired
* @PublicPage
*/
#[NoAdminRequired]
#[PublicPage]
public function close(int $documentId, int $sessionId, string $sessionToken): DataResponse {
return $this->apiService->close($documentId, $sessionId, $sessionToken);
}

/**
* @NoAdminRequired
* @PublicPage
*/
#[NoAdminRequired]
#[PublicPage]
#[RequireDocumentSession]
public function push(int $documentId, int $sessionId, string $sessionToken, int $version, array $steps, string $awareness, string $token): DataResponse {
return $this->apiService->push($documentId, $sessionId, $sessionToken, $version, $steps, $awareness, $token);
return $this->apiService->push($this->getSession(), $this->getDocument(), $version, $steps, $awareness, $token);
}

/**
* @NoAdminRequired
* @PublicPage
*/
#[NoAdminRequired]
#[PublicPage]
#[RequireDocumentSession]
public function sync(string $token, int $documentId, int $sessionId, string $sessionToken, int $version = 0, string $autosaveContent = null, string $documentState = null, bool $force = false, bool $manualSave = false): DataResponse {
return $this->apiService->sync($documentId, $sessionId, $sessionToken, $version, $autosaveContent, $documentState, $force, $manualSave, $token);
return $this->apiService->sync($this->getSession(), $this->getDocument(), $version, $autosaveContent, $documentState, $force, $manualSave, $token);
}

/**
* @NoAdminRequired
* @PublicPage
*/
public function updateSession(int $documentId, int $sessionId, string $sessionToken, string $guestName) {
return $this->apiService->updateSession($documentId, $sessionId, $sessionToken, $guestName);
#[NoAdminRequired]
#[PublicPage]
#[RequireDocumentSession]
public function updateSession(string $guestName) {
return $this->apiService->updateSession($this->getSession(), $guestName);
}
}
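Review bot: `close()` is the only session-bound public endpoint in this class that did not get `#[RequireDocumentSession]`; it still forwards the request's raw `documentId`, `sessionId` and `sessionToken` to `ApiService::close()`, so whether the token is validated there depends on code not visible in this diff. If the omission is deliberate, a comment on the method such as `// RequireDocumentSession intentionally omitted: <reason>` would keep a later reader from assuming the middleware guards every route of this controller. Separately, `$share` appears to change from `?IShare` to a non-nullable typed property with no initializer, so reading it before assignment throws an `Error`; worth confirming it is always assigned before `isPasswordProtected()` and `getPasswordHash()` run, since those bodies are only partly shown. `updateSession()` is also the one action without a declared return type, unlike its siblings.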