Skip to content
Snippets Groups Projects
Unverified Commit 04031f60 authored by Roeland Jago Douma's avatar Roeland Jago Douma Committed by GitHub
Browse files

Merge pull request #18478 from nextcloud/fix/direct-editing-invalid-editor-id 

Do not generate tokens for editor IDs that do not exist
parents 3af63f15 0ddb9c01
No related branches found
No related tags found
No related merge requests found
Hide whitespace changes
Inline Side-by-side
apps/files/lib/Controller/DirectEditingController.php
+ 3
3
View file @ 04031f60
...@@ -89,7 +89,7 @@ class DirectEditingController extends OCSController { ...@@ -89,7 +89,7 @@ class DirectEditingController extends OCSController {
]); ]);
} catch (Exception $e) { } catch (Exception $e) {
$this->logger->logException($e, ['message' => 'Exception when creating a new file through direct editing']); $this->logger->logException($e, ['message' => 'Exception when creating a new file through direct editing']);
return new DataResponse('Failed to create file', Http::STATUS_FORBIDDEN); return new DataResponse('Failed to create file: ' . $e->getMessage(), Http::STATUS_FORBIDDEN);
} }
} }
...@@ -106,7 +106,7 @@ class DirectEditingController extends OCSController { ...@@ -106,7 +106,7 @@ class DirectEditingController extends OCSController {
]); ]);
} catch (Exception $e) { } catch (Exception $e) {
$this->logger->logException($e, ['message' => 'Exception when opening a file through direct editing']); $this->logger->logException($e, ['message' => 'Exception when opening a file through direct editing']);
return new DataResponse('Failed to open file', Http::STATUS_FORBIDDEN); return new DataResponse('Failed to open file: ' . $e->getMessage(), Http::STATUS_FORBIDDEN);
} }
} }
...@@ -122,7 +122,7 @@ class DirectEditingController extends OCSController { ...@@ -122,7 +122,7 @@ class DirectEditingController extends OCSController {
return new DataResponse($this->directEditingManager->getTemplates($editorId, $creatorId)); return new DataResponse($this->directEditingManager->getTemplates($editorId, $creatorId));
} catch (Exception $e) { } catch (Exception $e) {
$this->logger->logException($e); $this->logger->logException($e);
return new DataResponse('Failed to open file', Http::STATUS_INTERNAL_SERVER_ERROR); return new DataResponse('Failed to obtain template list: ' . $e->getMessage(), Http::STATUS_INTERNAL_SERVER_ERROR);
} }
} }
} }
lib/private/DirectEditing/Manager.php
+ 5
0
View file @ 04031f60
...@@ -45,6 +45,8 @@ use OCP\IUserSession; ...@@ -45,6 +45,8 @@ use OCP\IUserSession;
use OCP\L10N\IFactory; use OCP\L10N\IFactory;
use OCP\Security\ISecureRandom; use OCP\Security\ISecureRandom;
use OCP\Share\IShare; use OCP\Share\IShare;
use function array_key_exists;
use function in_array;
class Manager implements IManager { class Manager implements IManager {
...@@ -140,6 +142,9 @@ class Manager implements IManager { ...@@ -140,6 +142,9 @@ class Manager implements IManager {
if ($editorId === null) { if ($editorId === null) {
$editorId = $this->findEditorForFile($file); $editorId = $this->findEditorForFile($file);
} }
if (!array_key_exists($editorId, $this->editors)) {
throw new \RuntimeException("Editor $editorId is unknown");
}
return $this->createToken($editorId, $file, $filePath); return $this->createToken($editorId, $file, $filePath);
} }
......
0% or .
You are about to add 0 people to the discussion. Proceed with caution.
Finish editing this message first!
Please register or to comment