<?php
/**
* ownCloud - News app
*
* @author Bernhard Posselt
* Copyright (c) 2012 - Bernhard Posselt <nukeawhale@gmail.com>
*
* This file is licensed under the Affero General Public License version 3 or later.
* See the COPYING-README file
*
*/
namespace OCA\News;
/**
* This class is a simple object with getters and setters and allows
* fine-grained control over security checks.
* All security checks are enabled by default.
*/
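class Security {
    /** @var bool run the CSRF token check; only consulted by runAjaxChecks() */
    private $csrfCheck;
    /** @var bool require a logged-in user */
    private $loggedInCheck;
    /** @var bool require the app to be enabled */
    private $appEnabledCheck;
    /** @var bool require an admin user */
    private $isAdminCheck;
    /** @var string app name handed to the app-enabled check */
    private $appName;

    /**
     * Every check starts enabled, so a freshly constructed object is
     * fail-closed: a request must explicitly disable a check (for example
     * setIsAdminCheck(false)) before non-admin users can reach it.
     *
     * @param string $appName the name of the app
     */
    public function __construct($appName){
        $this->appName = $appName;
        // enable all checks by default
        $this->csrfCheck = true;
        $this->loggedInCheck = true;
        $this->appEnabledCheck = true;
        $this->isAdminCheck = true;
    }

    /**
     * @param bool $csrfCheck whether runAjaxChecks() verifies the CSRF token
     */
    public function setCSRFCheck($csrfCheck){
        $this->csrfCheck = $csrfCheck;
    }

    /**
     * @param bool $loggedInCheck whether a logged-in user is required
     */
    public function setLoggedInCheck($loggedInCheck){
        $this->loggedInCheck = $loggedInCheck;
    }

    /**
     * @param bool $appEnabledCheck whether the app must be enabled
     */
    public function setAppEnabledCheck($appEnabledCheck){
        $this->appEnabledCheck = $appEnabledCheck;
    }

    /**
     * @param bool $isAdminCheck whether an admin user is required
     */
    public function setIsAdminCheck($isAdminCheck){
        $this->isAdminCheck = $isAdminCheck;
    }

    /**
     * Runs the enabled login, app-enabled and admin checks, in that order.
     * The CSRF check is not part of this method; only runAjaxChecks() runs it.
     * Nothing here inspects a return value, so each \OCP\JSON check is
     * presumably expected to end the request itself on failure — TODO confirm
     * against the OCP API.
     */
    public function runChecks() {
        if($this->loggedInCheck){
            \OCP\JSON::checkLoggedIn();
        }
        if($this->appEnabledCheck){
            \OCP\JSON::checkAppEnabled($this->appName);
        }
        if($this->isAdminCheck){
            \OCP\JSON::checkAdminUser();
        }
    }

    /**
     * Runs the CSRF check (when enabled) and then exactly the checks of
     * runChecks(). Delegating keeps a single copy of the check sequence so
     * the two entry points cannot drift apart.
     */
    public function runAjaxChecks(){
        if($this->csrfCheck){
            \OCP\JSON::callCheck();
        }
        $this->runChecks();
    }
}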