You can not select more than 25 topics
Topics must start with a letter or number, can include dashes ('-') and can be up to 35 characters long.
83 lines
2.1 KiB
83 lines
2.1 KiB
<?php |
|
/** |
|
* @copyright Copyright (c) 2016, Robin Appelman <robin@icewind.nl> |
|
* |
|
* @author Robin Appelman <robin@icewind.nl> |
|
* |
|
* @license GNU AGPL version 3 or any later version |
|
* |
|
* This program is free software: you can redistribute it and/or modify |
|
* it under the terms of the GNU Affero General Public License as |
|
* published by the Free Software Foundation, either version 3 of the |
|
* License, or (at your option) any later version. |
|
* |
|
* This program is distributed in the hope that it will be useful, |
|
* but WITHOUT ANY WARRANTY; without even the implied warranty of |
|
* MERCHANTABILITY or FITNESS FOR A PARTICULAR PURPOSE. See the |
|
* GNU Affero General Public License for more details. |
|
* |
|
* You should have received a copy of the GNU Affero General Public License |
|
* along with this program. If not, see <http://www.gnu.org/licenses/>. |
|
* |
|
*/ |
|
|
|
namespace OC\Lockdown; |
|
|
|
use OC\Authentication\Token\IToken; |
|
use OCP\ISession; |
|
use OCP\Lockdown\ILockdownManager; |
|
|
|
class LockdownManager implements ILockdownManager { |
|
/** @var ISession */ |
|
private $sessionCallback; |
|
|
|
private $enabled = false; |
|
|
|
/** @var array|null */ |
|
private $scope; |
|
|
|
/** |
|
* LockdownManager constructor. |
|
* |
|
* @param callable $sessionCallback we need to inject the session lazily to avoid dependency loops |
|
*/ |
|
public function __construct(callable $sessionCallback) { |
|
$this->sessionCallback = $sessionCallback; |
|
} |
|
|
|
|
|
public function enable() { |
|
$this->enabled = true; |
|
} |
|
|
|
/** |
|
* @return ISession |
|
*/ |
|
private function getSession() { |
|
$callback = $this->sessionCallback; |
|
return $callback(); |
|
} |
|
|
|
private function getScopeAsArray() { |
|
if (!$this->scope) { |
|
$session = $this->getSession(); |
|
$sessionScope = $session->get('token_scope'); |
|
if ($sessionScope) { |
|
$this->scope = $sessionScope; |
|
} |
|
} |
|
return $this->scope; |
|
} |
|
|
|
public function setToken(IToken $token) { |
|
$this->scope = $token->getScopeAsArray(); |
|
$session = $this->getSession(); |
|
$session->set('token_scope', $this->scope); |
|
$this->enable(); |
|
} |
|
|
|
public function canAccessFilesystem() { |
|
$scope = $this->getScopeAsArray(); |
|
return !$scope || $scope['filesystem']; |
|
} |
|
}
|
|
|