Merge pull request #46809 from nextcloud/refactor/files_external/secu…

…rity-attributes
nextcloud · Aug 14, 2024 · 458524e · 458524e
2 parents 2c7f5dc + c102b89
commit 458524e
Show file tree

Hide file tree

Showing 4 changed files with 16 additions and 24 deletions.
diff --git a/apps/files_external/lib/Controller/AjaxController.php b/apps/files_external/lib/Controller/AjaxController.php
@@ -9,6 +9,7 @@
 use OCA\Files_External\Lib\Auth\Password\GlobalAuth;
 use OCA\Files_External\Lib\Auth\PublicKey\RSA;
 use OCP\AppFramework\Controller;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\JSONResponse;
 use OCP\IGroupManager;
 use OCP\IRequest;
@@ -60,9 +61,9 @@ private function generateSshKeys($keyLength) {
 	/**
 	 * Generates an SSH public/private key pair.
 	 *
-	 * @NoAdminRequired
 	 * @param int $keyLength
 	 */
+	#[NoAdminRequired]
 	public function getSshKeys($keyLength = 1024) {
 		$key = $this->generateSshKeys($keyLength);
 		return new JSONResponse(
@@ -75,13 +76,12 @@ public function getSshKeys($keyLength = 1024) {
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * @param string $uid
 	 * @param string $user
 	 * @param string $password
 	 * @return bool
 	 */
+	#[NoAdminRequired]
 	public function saveGlobalCredentials($uid, $user, $password) {
 		$currentUser = $this->userSession->getUser();
 		if ($currentUser === null) {

diff --git a/apps/files_external/lib/Controller/ApiController.php b/apps/files_external/lib/Controller/ApiController.php
@@ -14,6 +14,7 @@
 use OCA\Files_External\Service\UserGlobalStoragesService;
 use OCA\Files_External\Service\UserStoragesService;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\Attribute\OpenAPI;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\AppFramework\OCSController;
@@ -76,14 +77,13 @@ private function formatMount(string $mountPoint, StorageConfig $mountConfig): ar
 	}
 
 	/**
-	 * @NoAdminRequired
-	 *
 	 * Get the mount points visible for this user
 	 *
 	 * @return DataResponse<Http::STATUS_OK, Files_ExternalMount[], array{}>
 	 *
 	 * 200: User mounts returned
 	 */
+	#[NoAdminRequired]
 	public function getUserMounts(): DataResponse {
 		$entries = [];
 		$mountPoints = [];
@@ -105,12 +105,10 @@ public function getUserMounts(): DataResponse {
 	}
 
 	/**
-	 * @NoAdminRequired
-	 * @NoCSRFRequired
-	 *
 	 * Ask for credentials using a browser's native basic auth prompt
 	 * Then returns it if provided
 	 */
+	#[NoAdminRequired]
 	#[OpenAPI(scope: OpenAPI::SCOPE_IGNORE)]
 	public function askNativeAuth(): DataResponse {
 		if (!isset($_SERVER['PHP_AUTH_USER']) || !isset($_SERVER['PHP_AUTH_PW'])) {

diff --git a/apps/files_external/lib/Controller/UserGlobalStoragesController.php b/apps/files_external/lib/Controller/UserGlobalStoragesController.php
@@ -15,6 +15,7 @@
 use OCA\Files_External\NotFoundException;
 use OCA\Files_External\Service\UserGlobalStoragesService;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\IConfig;
 use OCP\IGroupManager;
@@ -64,9 +65,8 @@ public function __construct(
 	 * Get all storage entries
 	 *
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function index() {
 		/** @var UserGlobalStoragesService */
 		$service = $this->service;
@@ -97,9 +97,8 @@ protected function manipulateStorageConfig(StorageConfig $storage) {
 	 * @param int $id storage id
 	 * @param bool $testOnly whether to storage should only test the connection or do more things
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function show($id, $testOnly = true) {
 		try {
 			$storage = $this->service->getStorage($id);
@@ -135,9 +134,8 @@ public function show($id, $testOnly = true) {
 	 * @param bool $testOnly whether to storage should only test the connection or do more things
 	 *
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function update(
 		$id,
 		$backendOptions,

diff --git a/apps/files_external/lib/Controller/UserStoragesController.php b/apps/files_external/lib/Controller/UserStoragesController.php
@@ -12,6 +12,7 @@
 use OCA\Files_External\NotFoundException;
 use OCA\Files_External\Service\UserStoragesService;
 use OCP\AppFramework\Http;
+use OCP\AppFramework\Http\Attribute\NoAdminRequired;
 use OCP\AppFramework\Http\DataResponse;
 use OCP\IConfig;
 use OCP\IGroupManager;
@@ -69,21 +70,19 @@ protected function manipulateStorageConfig(StorageConfig $storage) {
 	/**
 	 * Get all storage entries
 	 *
-	 * @NoAdminRequired
-	 *
 	 * @return DataResponse
 	 */
+	#[NoAdminRequired]
 	public function index() {
 		return parent::index();
 	}
 
 	/**
 	 * Return storage
 	 *
-	 * @NoAdminRequired
-	 *
 	 * {@inheritdoc}
 	 */
+	#[NoAdminRequired]
 	public function show($id, $testOnly = true) {
 		return parent::show($id, $testOnly);
 	}
@@ -98,9 +97,8 @@ public function show($id, $testOnly = true) {
 	 * @param array $mountOptions backend-specific mount options
 	 *
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function create(
 		$mountPoint,
 		$backend,
@@ -154,9 +152,8 @@ public function create(
 	 * @param bool $testOnly whether to storage should only test the connection or do more things
 	 *
 	 * @return DataResponse
-	 *
-	 * @NoAdminRequired
 	 */
+	#[NoAdminRequired]
 	public function update(
 		$id,
 		$mountPoint,
@@ -205,10 +202,9 @@ public function update(
 	/**
 	 * Delete storage
 	 *
-	 * @NoAdminRequired
-	 *
 	 * {@inheritdoc}
 	 */
+	#[NoAdminRequired]
 	public function destroy($id) {
 		return parent::destroy($id);
 	}