From a1232f46caba330ea6ada0a112aa1d49a4d23f3b Mon Sep 17 00:00:00 2001
From: Morris Jobke <hey@morrisjobke.de>
Date: Mon, 12 Mar 2018 18:03:25 +0100
Subject: [PATCH] Remove unused methods and constants from legacy OC_API
Signed-off-by: Morris Jobke <hey@morrisjobke.de>
---
lib/private/legacy/api.php | 277 -------------------------------------
tests/lib/APITest.php | 115 ---------------
2 files changed, 392 deletions(-)
diff --git a/lib/private/legacy/api.php b/lib/private/legacy/api.php
index 7fe84b73c43..fde1d99e79d 100644
--- a/lib/private/legacy/api.php
+++ b/lib/private/legacy/api.php
@@ -37,44 +37,10 @@ use OCP\AppFramework\Http;
class OC_API {
- /**
- * API authentication levels
- */
-
- /** @deprecated Use \OCP\API::GUEST_AUTH instead */
- const GUEST_AUTH = 0;
-
- /** @deprecated Use \OCP\API::USER_AUTH instead */
- const USER_AUTH = 1;
-
- /** @deprecated Use \OCP\API::SUBADMIN_AUTH instead */
- const SUBADMIN_AUTH = 2;
-
- /** @deprecated Use \OCP\API::ADMIN_AUTH instead */
- const ADMIN_AUTH = 3;
-
- /**
- * API Response Codes
- */
-
- /** @deprecated Use \OCP\API::RESPOND_UNAUTHORISED instead */
- const RESPOND_UNAUTHORISED = 997;
-
- /** @deprecated Use \OCP\API::RESPOND_SERVER_ERROR instead */
- const RESPOND_SERVER_ERROR = 996;
-
- /** @deprecated Use \OCP\API::RESPOND_NOT_FOUND instead */
- const RESPOND_NOT_FOUND = 998;
-
- /** @deprecated Use \OCP\API::RESPOND_UNKNOWN_ERROR instead */
- const RESPOND_UNKNOWN_ERROR = 999;
-
/**
* api actions
*/
protected static $actions = array();
- private static $logoutRequired = false;
- private static $isLoggedIn = false;
/**
* registers an api call
@@ -106,249 +72,6 @@ class OC_API {
self::$actions[$name][] = array('app' => $app, 'action' => $action, 'authlevel' => $authLevel);
}
- /**
- * handles an api call
- * @param array $parameters
- */
- public static function call($parameters) {
- $request = \OC::$server->getRequest();
- $method = $request->getMethod();
-
- // Prepare the request variables
- if($method === 'PUT') {
- $parameters['_put'] = $request->getParams();
- } else if($method === 'DELETE') {
- $parameters['_delete'] = $request->getParams();
- }
- $name = $parameters['_route'];
- // Foreach registered action
- $responses = array();
- $appManager = \OC::$server->getAppManager();
- foreach(self::$actions[$name] as $action) {
- // Check authentication and availability
- if(!self::isAuthorised($action)) {
- $responses[] = array(
- 'app' => $action['app'],
- 'response' => new \OC\OCS\Result(null, API::RESPOND_UNAUTHORISED, 'Unauthorised'),
- 'shipped' => $appManager->isShipped($action['app']),
- );
- continue;
- }
- if(!is_callable($action['action'])) {
- $responses[] = array(
- 'app' => $action['app'],
- 'response' => new \OC\OCS\Result(null, API::RESPOND_NOT_FOUND, 'Api method not found'),
- 'shipped' => $appManager->isShipped($action['app']),
- );
- continue;
- }
- // Run the action
- $responses[] = array(
- 'app' => $action['app'],
- 'response' => call_user_func($action['action'], $parameters),
- 'shipped' => $appManager->isShipped($action['app']),
- );
- }
- $response = self::mergeResponses($responses);
- $format = self::requestedFormat();
- if (self::$logoutRequired) {
- \OC::$server->getUserSession()->logout();
- }
-
- self::respond($response, $format);
- }
-
- /**
- * merge the returned result objects into one response
- * @param array $responses
- * @return \OC\OCS\Result
- */
- public static function mergeResponses($responses) {
- // Sort into shipped and third-party
- $shipped = array(
- 'succeeded' => array(),
- 'failed' => array(),
- );
- $thirdparty = array(
- 'succeeded' => array(),
- 'failed' => array(),
- );
-
- foreach($responses as $response) {
- if($response['shipped'] || ($response['app'] === 'core')) {
- if($response['response']->succeeded()) {
- $shipped['succeeded'][$response['app']] = $response;
- } else {
- $shipped['failed'][$response['app']] = $response;
- }
- } else {
- if($response['response']->succeeded()) {
- $thirdparty['succeeded'][$response['app']] = $response;
- } else {
- $thirdparty['failed'][$response['app']] = $response;
- }
- }
- }
-
- // Remove any error responses if there is one shipped response that succeeded
- if(!empty($shipped['failed'])) {
- // Which shipped response do we use if they all failed?
- // They may have failed for different reasons (different status codes)
- // Which response code should we return?
- // Maybe any that are not \OCP\API::RESPOND_SERVER_ERROR
- // Merge failed responses if more than one
- $data = array();
- foreach($shipped['failed'] as $failure) {
- $data = array_merge_recursive($data, $failure['response']->getData());
- }
- $picked = reset($shipped['failed']);
- $code = $picked['response']->getStatusCode();
- $meta = $picked['response']->getMeta();
- $headers = $picked['response']->getHeaders();
- $response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
- return $response;
- } elseif(!empty($shipped['succeeded'])) {
- $responses = array_merge($shipped['succeeded'], $thirdparty['succeeded']);
- } elseif(!empty($thirdparty['failed'])) {
- // Merge failed responses if more than one
- $data = array();
- foreach($thirdparty['failed'] as $failure) {
- $data = array_merge_recursive($data, $failure['response']->getData());
- }
- $picked = reset($thirdparty['failed']);
- $code = $picked['response']->getStatusCode();
- $meta = $picked['response']->getMeta();
- $headers = $picked['response']->getHeaders();
- $response = new \OC\OCS\Result($data, $code, $meta['message'], $headers);
- return $response;
- } else {
- $responses = $thirdparty['succeeded'];
- }
- // Merge the successful responses
- $data = [];
- $codes = [];
- $header = [];
-
- foreach($responses as $response) {
- if($response['shipped']) {
- $data = array_merge_recursive($response['response']->getData(), $data);
- } else {
- $data = array_merge_recursive($data, $response['response']->getData());
- }
- $header = array_merge_recursive($header, $response['response']->getHeaders());
- $codes[] = ['code' => $response['response']->getStatusCode(),
- 'meta' => $response['response']->getMeta()];
- }
-
- // Use any non 100 status codes
- $statusCode = 100;
- $statusMessage = null;
- foreach($codes as $code) {
- if($code['code'] != 100) {
- $statusCode = $code['code'];
- $statusMessage = $code['meta']['message'];
- break;
- }
- }
-
- return new \OC\OCS\Result($data, $statusCode, $statusMessage, $header);
- }
-
- /**
- * authenticate the api call
- * @param array $action the action details as supplied to OC_API::register()
- * @return bool
- */
- private static function isAuthorised($action) {
- $level = $action['authlevel'];
- switch($level) {
- case API::GUEST_AUTH:
- // Anyone can access
- return true;
- case API::USER_AUTH:
- // User required
- return self::loginUser();
- case API::SUBADMIN_AUTH:
- // Check for subadmin
- $user = self::loginUser();
- if(!$user) {
- return false;
- } else {
- $userObject = \OC::$server->getUserSession()->getUser();
- if($userObject === null) {
- return false;
- }
- $isSubAdmin = \OC::$server->getGroupManager()->getSubAdmin()->isSubAdmin($userObject);
- $admin = OC_User::isAdminUser($user);
- if($isSubAdmin || $admin) {
- return true;
- } else {
- return false;
- }
- }
- case API::ADMIN_AUTH:
- // Check for admin
- $user = self::loginUser();
- if(!$user) {
- return false;
- } else {
- return OC_User::isAdminUser($user);
- }
- default:
- // oops looks like invalid level supplied
- return false;
- }
- }
-
- /**
- * http basic auth
- * @return string|false (username, or false on failure)
- */
- private static function loginUser() {
- if(self::$isLoggedIn === true) {
- return \OC_User::getUser();
- }
-
- // reuse existing login
- $loggedIn = \OC::$server->getUserSession()->isLoggedIn();
- if ($loggedIn === true) {
- if (\OC::$server->getTwoFactorAuthManager()->needsSecondFactor(\OC::$server->getUserSession()->getUser())) {
- // Do not allow access to OCS until the 2FA challenge was solved successfully
- return false;
- }
- $ocsApiRequest = isset($_SERVER['HTTP_OCS_APIREQUEST']) ? $_SERVER['HTTP_OCS_APIREQUEST'] === 'true' : false;
- if ($ocsApiRequest) {
-
- // initialize the user's filesystem
- \OC_Util::setupFS(\OC_User::getUser());
- self::$isLoggedIn = true;
-
- return OC_User::getUser();
- }
- return false;
- }
-
- // basic auth - because OC_User::login will create a new session we shall only try to login
- // if user and pass are set
- $userSession = \OC::$server->getUserSession();
- $request = \OC::$server->getRequest();
- try {
- if ($userSession->tryTokenLogin($request)
- || $userSession->tryBasicAuthLogin($request, \OC::$server->getBruteForceThrottler())) {
- self::$logoutRequired = true;
- } else {
- return false;
- }
- // initialize the user's filesystem
- \OC_Util::setupFS(\OC_User::getUser());
- self::$isLoggedIn = true;
-
- return \OC_User::getUser();
- } catch (\OC\User\LoginException $e) {
- return false;
- }
- }
-
/**
* respond to a call
* @param \OC\OCS\Result $result
diff --git a/tests/lib/APITest.php b/tests/lib/APITest.php
index b1ac8fbb24f..bf6902fde65 100644
--- a/tests/lib/APITest.php
+++ b/tests/lib/APITest.php
@@ -83,119 +83,4 @@ class APITest extends \Test\TestCase {
$this->assertEquals($expected, $this->invokePrivate(new \OC_API, 'isV2', [$request]));
}
-
- function dataProviderTestOneResult() {
- return [
- [100, true],
- [101, false],
- [997, false],
- ];
- }
-
- /**
- * @dataProvider dataProviderTestOneResult
- *
- * @param $statusCode
- * @param $succeeded
- */
- public function testOneResult($statusCode, $succeeded) {
- // Setup some data arrays
- $data1 = [
- 'users' => [
- 'tom' => [
- 'key' => 'value',
- ],
- 'frank' => [
- 'key' => 'value',
- ],
- ]];
-
- // Test merging one success result
- $response = $this->buildResponse(true, $data1, $statusCode);
- $result = \OC_API::mergeResponses([$response]);
- $this->assertEquals($response['response'], $result);
- $this->checkResult($result, $succeeded);
- }
-
- function dataProviderTestMergeResponses() {
- return [
- // Two shipped success results
- [true, 100, true, 100, true],
- // Two shipped results, one success and one failure
- [true, 100, true, 998, false],
- // Two shipped results, both failure
- [true, 997, true, 998, false],
- // Two third party success results
- [false, 100, false, 100, true],
- // Two third party results, one success and one failure
- [false, 100, false, 998, false],
- // Two third party results, both failure
- [false, 997, false, 998, false],
- // One of each, both success
- [false, 100, true, 100, true],
- [true, 100, false, 100, true],
- // One of each, both failure
- [false, 997, true, 998, false],
- // One of each, shipped success
- [false, 997, true, 100, true],
- // One of each, third party success
- [false, 100, true, 998, false],
- ];
- }
- /**
- * @dataProvider dataProviderTestMergeResponses
- *
- * Test the merging of multiple responses
- * @param $statusCode1
- * @param $statusCode2
- * @param $succeeded
- */
- public function testMultipleMergeResponses($shipped1, $statusCode1, $shipped2, $statusCode2, $succeeded){
- // Tests that app responses are merged correctly
- // Setup some data arrays
- $data1 = array(
- 'users' => array(
- 'tom' => array(
- 'key' => 'value',
- ),
- 'frank' => array(
- 'key' => 'value',
- ),
- ));
-
- $data2 = array(
- 'users' => array(
- 'tom' => array(
- 'key' => 'newvalue',
- ),
- 'jan' => array(
- 'key' => 'value',
- ),
- ));
-
- // Two shipped success results
- $result = \OC_API::mergeResponses(array(
- $this->buildResponse($shipped1, $data1, $statusCode1, "message1"),
- $this->buildResponse($shipped2, $data2, $statusCode2, "message2"),
- ));
- $this->checkResult($result, $succeeded);
- $resultData = $result->getData();
- $resultMeta = $result->getMeta();
- $resultHeaders = $result->getHeaders();
- $resultStatusCode = $result->getStatusCode();
-
- $this->assertArrayHasKey('jan', $resultData['users']);
- $this->assertArrayHasKey('KEY', $resultHeaders);
-
- // check if the returned status message matches the selected status code
- if ($resultStatusCode === 997) {
- $this->assertEquals('message1', $resultMeta['message']);
- } elseif ($resultStatusCode === 998) {
- $this->assertEquals('message2', $resultMeta['message']);
- } elseif ($resultStatusCode === 100) {
- $this->assertEquals(null, $resultMeta['message']);
- }
-
- }
-
}
--
GitLab